SpyEye Masterminds Begin 24 Year Sentence

Uploaded on 2016-05-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

US law enforcers are patting themselves on the back recently after the sentencing of the two men behind the notorious SpyEye banking malware, for a total of 24 years.

Russian Aleksandr Andreevich Panin, aka ‘Gribodemon,’ was handed down nine and a half years for his part as the primary developer and distributor of the malware, which caused losses of nearly $1 billion and infected over 50 million computers across the globe between 2010-2012, the DoJ said.

Algerian Hamza Bendelladj, aka ‘BX1,’ was given 15 years for sending over a million malware-laden spam emails, as well as selling malicious plug-ins for botnets, causing millions in losses to individuals and financial institutions, and running a carding forum: VCC.sc.

Panin was arrested on 1 July 2013, when he flew through Hartsfield-Jackson Atlanta airport, while Bendelladj was cuffed in Bangkok’s Suvarnabhumi airport on 5 January 2013 and subsequently deported.

Law enforcers are particularly pleased because they say Panin was just months away from releasing a new strain of SpyEye which could have caused “immeasurable losses” to the banking industry.

“It is difficult to overstate the significance of this case, not only in terms of bringing two prolific computer hackers to justice, but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world,” said Georgia DA, John Horn, in a statement. 

“The outstanding work by our law enforcement partners, both domestically and internationally, as well as terrific cooperation from the private sector, serves as a blueprint on how to combat complex cyber-crime syndicates around the world.”

Trend Micro was one of those private sector partners, providing vital information such as the online “handles” and accounts used by the duo, it revealed in a blog post.

As for law enforcement partners, the FBI were helped by the UK’s National Crime Agency, which arrested a British hacker, James Bayliss, in 2014 for his part in helping to code the ccgrabber plugin for SpyEye, according to Trend Micro.

“Taking down infrastructures and servers is but a short-term solution to the problem of cybercrime; to truly address cybercrime, the perpetrators themselves must be stopped,” the firm wrote.

It should be noted that other co-conspirators of the duo are likely still at large, as is the FBI’s most wanted cybercriminal – Evginy Bogachev, aka ‘Slavik’ – who originally passed the source code and rights for Zeus to Pavin.
Infosecurity: http://bit.ly/1ZEaimd

« Cyber "Best Practices" Are About To Change
Tracking Islamic State Impeded By Encryption »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Venable

Venable

Venable is an American Lawyer 100 law firm with nine offices across the USA, Practice areas include Cybersecurity.

SAI360

SAI360

SAI360 (formerly SAI Global) provide products and services for enterprise risk management including Governance, Risk & Compliance and Digital Risk solutions.

Avansic

Avansic

Avansic is a leading provider of e-discovery and digital forensics services to attorneys, litigation support teams, and business communities.

Truepic

Truepic

Truepic provides technologies that prevent fraud, identity theft, misinformation, and disinformation caused by generative, manipulated, or deepfake digital content.

Gradiant

Gradiant

Gradiant’s mission is to contribute to the growth and competitive improvement of Galician businesses through technology development and innovation using ICT.

Horiba Mira

Horiba Mira

Horiba Mira is a global provider of automotive engineering, research and test services including services and solutions for automotive cybersecurity.

bluedog Security Monitoring

bluedog Security Monitoring

Sentinel from bluedog provides powerful and affordable internal network monitoring.

Conference Index

Conference Index

Conference Index provides an indexed listing of upcoming meetings, seminars, congresses, workshops, summits and symposiums across a wide range of subjects including Cybersecurity.

Visium Technologies

Visium Technologies

Visium Analytics provides innovative data visualization, cybersecurity technologies and solutions to businesses to protect and secure their data assets.

Red Piranha

Red Piranha

Red Piranha's Crystal Eye Unified Threat Management Platform is designed for Managed Service Providers and corporations that need extreme security that is both easy to use and affordable.

Activu

Activu

Activu makes any information visible, collaborative, and proactive for people tasked with monitoring critical operations including network security.

Core Sentinel

Core Sentinel

Australia's #1 Penetration Testing Service. Make Your Systems Fully Compliant With Our OSCE CREST/CISA Certified Penetration Testing.

Enzen

Enzen

Enzen is a global knowledge practice that provides consulting, technology, engineering, operating and innovation services to the energy and utility sectors.

Swish Data Corp.

Swish Data Corp.

Swish delivers when the problems are complex, requirements are difficult, and the mission is absolutely critical.

Curatrix Technologies

Curatrix Technologies

Curatrix Technologies is a Managed IT Service provider based in Hampshire, UK, providing high quality and reliable Managed IT Services since 2015.

Tria Federal

Tria Federal

Tria Federal is the premier middle-market Technology and Advisory services provider delivering digital transformation solutions to federal health and public safety agencies.