Aleksandr Andreevich Panin will be sentenced in April 2014

Jan 29, 2014 08:07 GMT

24-year-old Russian national Aleksandr Andreevich Panin has admitted being the primary developer and distributor of SpyEye, the malware used by cybercriminals from all over the world to steal personal and financial details from the owners of infected computers.

Panin – who has been using the online monikers “Gribodemon” and “Harderman” – has also pleaded guilty to conspiracy to commit wire fraud and bank fraud. He will be sentenced on April 29, 2014.

US authorities say SpyEye has been used to infect more than 1.4 million computers from all over the world. The Russian is said to have sold his creation to over 150 cybercriminals for prices between $1,000 (€730) and $8,500 (€6,226).

One customer, dubbed “Soldier,” is believed to have made over $3.2 million (€2.3 million) in a six-month period.

The FBI started disrupting the SpyEye infrastructure back in February 2011, when the agency seized a command and control server operated by Hamza Bendelladj, an Algerian national who’s said to have contributed to the SpyEye project.

Later, in June and July 2011, FBI agents started communicating online with Panin and purchased a version of SpyEye from him. Panin and Bendelladj were indicted in December 2011, but at the time, US authorities hadn’t fully identified the Russian.

Bendelladj, known online as “Bx1,” was arrested in Thailand in January 2013, and was extradited to the US in May 2013.

Panin was arrested on July 1, 2013 at the Hartsfield-Jackson Atlanta International Airport.

“This investigation highlights the importance of the FBI’s focus on the top echelon of cyber criminals. The apprehension of Mr. Panin means that one of the world’s top developers of malicious software is no longer in a position to create computer programs that can victimize people around the world,” said Acting Special Agent in Charge Ricky Maxwell of the FBI’s Atlanta Field Office.

“Botnets such as SpyEye represent one of the most dangerous types of malicious software on the Internet today, which can steal people’s identities and money from their bank accounts without their knowledge.”