The Federal Bureau of Investigation (FBI) has successfully brought to justice two notorious international hackers from Russia and Algeria who were instrumental in the development and distribution of the SpyEye malware.
On Wednesday, the U.S. Department of Justice sentenced the hackers Aleksandr Andreevich Panin and Hamza Bendelladj who went by the monikers Gribodemon and Bx1, respectively. The two have been sentenced to a combined 24 years and 6 months in jail.
Panin is from Russia and Bendelladj is Algerian and were the brains behind SpyEye botnet creation kit, which resulted in several million dollars worth of losses to banks around the world.
U.S. Attorney Horn let on that per the charges and evidence presented in court, from 2010 t0 2012, SpyEye served as the foremost "malware banking Trojan." The malware created by the prolific hackers was deployed by an international cybercriminal syndicate to contaminate more than 50 million PCs. This led to both financial institutions and individuals worldwide suffering setbacks of nearly $1 billion.
For the unfamiliar, the malware was developed in such a manner that it was mechanically capable of stealing confidential data - both financial and personal such as usernames, PINs, passwords, credit card details, banking credentials etc. SpyEye was able to facilitate the process by clandestinely infecting the computer of a victim. This would give the hackers the ability to control the compromised PC remotely sans any authorization, letting them steal the financial and personal data belonging to the victim through several methods such as "credit card grabbers," "web injects" and "keystroke loggers" to name a few.
The stolen data was secretly transmitted by the cybercriminals to C2 servers without being detected. From here they would use it to steal cash from the victim's bank account.
SpyEye's core developer was Panin, who created the Trojan as a successor to the malware Zeus. Judge Amy Totenberg handed the 27-year-old a sentence of 9 years 6 months.
His business partner 27-year-old Bendelladj - who pleaded guilty in June 2015 for aiding Panin in creating and marketing the SpyEye kit - was sentenced to 15 years in prison.
"Through these arrests and sentencing, the risk the public unknowingly faced from the threat posed by the imminent release of a new highly sophisticated version of SpyEye was effectively reduced to zero," noted the FBI's J. Britt Johnson.
Johnson also added that the investigation led by the FBI was instrumental in bringing one of the "most nefarious malware developers" in the world to justice. The efforts of the FBI also successfully disrupted the SpyEye botnet, showcasing the power a concentrated investigation holds.
The FBI Special Agent in Charge is also of the belief that the sentences and arrests will send out a strong message to prospective malware developers, as well as their customers (irrespective of their location), deterring them to partake in such activities.
Photo: Davide Restivo | Flickr