Threat Management, Malware

SpyEye’s primary developer and distributor pleads guilty in U.S.

A Russian man who played an integral role in the development and distribution of banking malware, called SpyEye, has pleaded guilty to conspiracy to commit wire and bank fraud.

On Tuesday, the Justice Department announced that Aleksandr Panin, also known as “Gribodemon” and “Harderman,” attested to his role in spreading the trojan, which has infected more than 1.4 million computers in the U.S. and abroad, according to federal officials.

SpyEye first turned up in 2010 and quickly resembled the notorious Zeus trojan for its ability to steal information, particularly bank login credentials, from the users whose computers it infected. The malware often injects web fields into legitimate banking sites, where attackers secretly steal data that victims enter.

Panin admitted his “orchestration of this criminal scheme to use SpyEye” on Tuesday, the release from DOJ said.

His sentencing is scheduled for April 29 before a federal judge in Georgia, Amy Totenberg.

“Panin was the primary developer and distributor of the SpyEye virus,” the DOJ release said. “Operating from Russia from 2009 to 2011, Panin conspired with others, including codefendant Hamza Bendelladj, an Algerian national also known as “Bx1,” to develop, market and sell various versions of the SpyEye virus and component parts on the Internet."

Panin sold the malware for about $1,000 to $8,500 a pop (depending on the malicious offerings packaged with it) to at least 150 clients, federal officials revealed.

Just one of Panin's customers, going by the alias “Soldier,” is believed to have made more than $3.2 million over the course of six months by leveraging the trojan.

Last July, Panin was arrested in the U.S. and eventually charged with 10 counts of wire fraud, one count of conspiracy to commit computer fraud, and 11 counts of computer fraud – along with the one count of conspiracy to commit wire and bank fraud he pleaded guilty to on Tuesday.

Hamza Bendelladj, a co-defendant in the case who is also accused of helping to develop, market and sell SpyEye online, was arrested last January at a Thailand airport, and extradited to the U.S. in May 2013 to face charges.

Bendelladj's charges are currently pending in a federal court in Georgia, the Justice Department said.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.