SpyEye Masterminds Begin 24 Year Sentence

Uploaded on 2016-05-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

US law enforcers are patting themselves on the back recently after the sentencing of the two men behind the notorious SpyEye banking malware, for a total of 24 years.

Russian Aleksandr Andreevich Panin, aka ‘Gribodemon,’ was handed down nine and a half years for his part as the primary developer and distributor of the malware, which caused losses of nearly $1 billion and infected over 50 million computers across the globe between 2010-2012, the DoJ said.

Algerian Hamza Bendelladj, aka ‘BX1,’ was given 15 years for sending over a million malware-laden spam emails, as well as selling malicious plug-ins for botnets, causing millions in losses to individuals and financial institutions, and running a carding forum: VCC.sc.

Panin was arrested on 1 July 2013, when he flew through Hartsfield-Jackson Atlanta airport, while Bendelladj was cuffed in Bangkok’s Suvarnabhumi airport on 5 January 2013 and subsequently deported.

Law enforcers are particularly pleased because they say Panin was just months away from releasing a new strain of SpyEye which could have caused “immeasurable losses” to the banking industry.

“It is difficult to overstate the significance of this case, not only in terms of bringing two prolific computer hackers to justice, but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world,” said Georgia DA, John Horn, in a statement. 

“The outstanding work by our law enforcement partners, both domestically and internationally, as well as terrific cooperation from the private sector, serves as a blueprint on how to combat complex cyber-crime syndicates around the world.”

Trend Micro was one of those private sector partners, providing vital information such as the online “handles” and accounts used by the duo, it revealed in a blog post.

As for law enforcement partners, the FBI were helped by the UK’s National Crime Agency, which arrested a British hacker, James Bayliss, in 2014 for his part in helping to code the ccgrabber plugin for SpyEye, according to Trend Micro.

“Taking down infrastructures and servers is but a short-term solution to the problem of cybercrime; to truly address cybercrime, the perpetrators themselves must be stopped,” the firm wrote.

It should be noted that other co-conspirators of the duo are likely still at large, as is the FBI’s most wanted cybercriminal – Evginy Bogachev, aka ‘Slavik’ – who originally passed the source code and rights for Zeus to Pavin.
Infosecurity: http://bit.ly/1ZEaimd

« Cyber "Best Practices" Are About To Change
Tracking Islamic State Impeded By Encryption »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

IT Governance

IT Governance

IT Governance is a leading global provider of information security solutions. Download our free guide and find out how ISO 27001 can help protect your organisation's information.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Pen Test Partners LLP

Pen Test Partners LLP

Pen Test Partners provides penetration testing, security assessment and training services.

Scale Computing

Scale Computing

Scale Computing is an industry leading application platform for EDGE computing environments covering retail, manufacturing, financial services and government.

Luxar Tech

Luxar Tech

Luxar's network visibility products enable enterprises and service providers to monitor network traffic, improve security and optimize efficiency.

Spire Solutions

Spire Solutions

Spire Solutions is the Middle East & Africa region’s leading cybersecurity solution provider and value-added distributor (VAD).

Squalio

Squalio

Squalio is an information technology group that delivers solutions and services for secure and effective IT management.

Cloudentity

Cloudentity

Cloudentity combines Identity for all things with API and Application security in a unique deployment model, combining cloud-transformation and legacy systems.

Cybriant

Cybriant

Cybriant Strategic Security Services provide a framework for architecting, constructing, and maintaining a secure business with policy and performance alignment.

OSI Security

OSI Security

OSI Security's primary services include penetration testing, security auditing, web application security testing and risk management.

NetWitness

NetWitness

NetWitness empowers security teams to rapidly detect today’s targeted and sophisticated attacks with unparalleled visibility.

Jit

Jit

Jit empowers developers to own security for the product they are building from day zero.

ITQ Latam

ITQ Latam

ITQ Latam are specialists in cybersecurity, in a convergent ecosystem of technological solutions in infrastructure, cloud and security networks.

EPAM Systems

EPAM Systems

Since 1993, EPAM Systems has leveraged its advanced software engineering heritage to become a leading global digital transformation services provider.

Increase Your Skills (IYS)

Increase Your Skills (IYS)

Armed and ready: raise awareness of cyberattacks in your company with the Full-Service Awareness Platform from IYS – fast and effective. We help you develop a robust, sustainable security strategy.

Panoptic Cyber

Panoptic Cyber

Panoptic Cyber are a team of elite Armed Forces Veterans who hold a wealth of experience in Information Security, Cyber Security, Data Protection and Risk Management.

Dedagroup (Deda)

Dedagroup (Deda)

Dedagroup provide application solutions and IT services to bring innovation at the core of business processes.

Rydal Group

Rydal Group

Rydal Group is an award-winning, fully pledged communications & managed IT, Security and Energy provider supporting over 1,500 businesses across the UK.