SpyEye Masterminds Begin 24 Year Sentence

Uploaded on 2016-05-11 in NEWS-Cybersecurity News, GOVERNMENT-Law Enforcement, FREE TO VIEW

US law enforcers are patting themselves on the back recently after the sentencing of the two men behind the notorious SpyEye banking malware, for a total of 24 years.

Russian Aleksandr Andreevich Panin, aka ‘Gribodemon,’ was handed down nine and a half years for his part as the primary developer and distributor of the malware, which caused losses of nearly $1 billion and infected over 50 million computers across the globe between 2010-2012, the DoJ said.

Algerian Hamza Bendelladj, aka ‘BX1,’ was given 15 years for sending over a million malware-laden spam emails, as well as selling malicious plug-ins for botnets, causing millions in losses to individuals and financial institutions, and running a carding forum: VCC.sc.

Panin was arrested on 1 July 2013, when he flew through Hartsfield-Jackson Atlanta airport, while Bendelladj was cuffed in Bangkok’s Suvarnabhumi airport on 5 January 2013 and subsequently deported.

Law enforcers are particularly pleased because they say Panin was just months away from releasing a new strain of SpyEye which could have caused “immeasurable losses” to the banking industry.

“It is difficult to overstate the significance of this case, not only in terms of bringing two prolific computer hackers to justice, but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world,” said Georgia DA, John Horn, in a statement. 

“The outstanding work by our law enforcement partners, both domestically and internationally, as well as terrific cooperation from the private sector, serves as a blueprint on how to combat complex cyber-crime syndicates around the world.”

Trend Micro was one of those private sector partners, providing vital information such as the online “handles” and accounts used by the duo, it revealed in a blog post.

As for law enforcement partners, the FBI were helped by the UK’s National Crime Agency, which arrested a British hacker, James Bayliss, in 2014 for his part in helping to code the ccgrabber plugin for SpyEye, according to Trend Micro.

“Taking down infrastructures and servers is but a short-term solution to the problem of cybercrime; to truly address cybercrime, the perpetrators themselves must be stopped,” the firm wrote.

It should be noted that other co-conspirators of the duo are likely still at large, as is the FBI’s most wanted cybercriminal – Evginy Bogachev, aka ‘Slavik’ – who originally passed the source code and rights for Zeus to Pavin.
Infosecurity: http://bit.ly/1ZEaimd

« Cyber "Best Practices" Are About To Change
Tracking Islamic State Impeded By Encryption »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity, Inc.

Resecurity, Inc.

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

IGEL Technology

IGEL Technology

IGEL Technology is one of the world's leading thin client vendors. Thin clients increase data security and compliance.

Protegrity

Protegrity

Protegrity is an enterprise and cloud data security software for data-centric encryption and tokenization to protect sensitive data while maintaining usability.

Secure Thingz

Secure Thingz

Secure Thingz focus on developing and delivering advanced security solutions into the emerging Industrial Internet of Things (IIoT) and Critical Infrastructure markets.

Malleum

Malleum

MALLEUM are specialists in penetration testing and security assessments. We think like hackers – and act like them – to disclose discreet dangers to your organization.

Sweepatic

Sweepatic

The Sweepatic reconnaissance platform discovers and analyses all internet facing assets and their exposure to risk.

European Cyber Security Conference

European Cyber Security Conference

EU Cyber Security Conference will debate what Europe’s response to evolving threats in a dynamic global risk landscape should look like and what the next steps for all actors of the ecosystem.

Exire Technologies

Exire Technologies

Exire Technologies is comprised of a team of professionals who are specialised in cybersecurity and a value added reseller and integrator of ICT security systems.

Open Systems

Open Systems

Open Systems is a Secure Access Service Edge (SASE) pioneer delivering a complete solution to network and security.

Etonwood

Etonwood

Etonwood specialises in infrastructure and vendor technology recruitment in areas including cloud platforms, cyber security and service management.

Blaick Technologies

Blaick Technologies

Blaick is an Israeli cyber-security company which deploys proprietary Artificial Intelligence threats detection technology for early prevention of online cyber crime.

Charterhouse Voice & Data

Charterhouse Voice & Data

Charterhouse is your trusted technology partner - designing, provisioning and supporting the technology that underpins your operations including network security and data compliance.

Qascom

Qascom

Qascom is an engineering company offering security solutions in satellite navigation and space cybersecurity. We are one of the European key players in GNSS authentication and security.

Protectt.ai Labs

Protectt.ai Labs

Protectt.ai Labs is India’s first mobile security start up building awareness & providing solutions for mobile app, device & transaction security.

Scybers

Scybers

Scybers are a global cybersecurity advisory and managed services company. With our deep expertise, we help our clients reduce their cyber risks with confidence.

Serbus

Serbus

Serbus Secure is a fully managed suite of secure communication, enterprise mobility and mobile device security tools.

Secure Domains

Secure Domains

Secure Domains is the first company in the GCC to offer cloud-based DNS firewall services and security through its flagship SaaS product, DNS Armor.