SpyEye malware inventor pleads guilty to bank fraud

Aleksandr Panin is the alleged mastermind behind 1.4 million computers being infected with malicious software that's capable of stealing users' credit card and banking information.

Security vendors Versafe and Check Point Software Technologies illustrate how the SpyEye malware attacks work. Check Point/Versafe

The alleged architect of the bank-hacking malware SpyEye, which is said to have infected 1.4 million computers, has pleaded guilty to conspiracy to commit wire and bank fraud. The US Department of Justice announced Tuesday that Russian national Aleksandr Andreevich Panin was the primary developer and distributor of SpyEye.

"As several recent and widely reported data breaches have shown, cyber-attacks pose a critical threat to our nation's economic security," US Attorney of the Northern District of Georgia Sally Quillian Yates said in a statement. "Today's plea is a great leap forward in our campaign against those attacks. Panin was the architect of a pernicious malware known as 'SpyEye' that infected computers worldwide. He commercialized the wholesale theft of financial and personal information. And now he is being held to account for his actions. Cyber criminals be forewarned: you cannot hide in the shadows of the Internet. We will find you and bring you to justice."

Panin, 24, who went by the online aliases "Gribodemon" and "Harderman," allegedly created the SpyEye malicious software in 2009. The virus is designed to remotely infect unsuspecting people's computers so that cybercriminals can access and steal financial information, such as online banking credentials, credit card information, usernames, passwords, and PINs. Once this information is nabbed, the hackers can then transmit the data to C2 servers and steal money from people's accounts.

While Panin was allegedly the central developer of the malware, he worked with cohorts to market and sell SpyEye and other versions of the software. According to the Department of Justice, Panin reportedly sold versions of SpyEye at prices ranging from $1,000 to $8,500. Allegedly, he had at least 150 clients -- one of whom reportedly made more than $3.2 million in a six-month period.

SpyEye was one of the most popular malware toolkits from 2009 to 2011, but in recent years its use has dropped because it has been added to several malware removal programs. Nevertheless, cybercriminals are still using it. According to the Department of Justice, more than 10,000 bank accounts have been breached by SpyEye since the beginning of 2013.

Interpol agents arrested Panin in the Dominican Republic in June, according to RT, and he was then handed over to US authorities. Four of Panin's colleagues have also since been arrested in the UK and Bulgaria.

Panin is scheduled to be sentenced on April 29 in the US District Court for the Northern District of Georgia.

About the author

Dara Kerr is a staff writer for CNET focused on the sharing economy and tech culture. She grew up in Colorado where she developed an affinity for collecting fool's gold and spirit animals.

 
