Two international computer hackers; Aleksandr Andreevich Panin, a/k/a Gribodemon, of Russia, and Hamza Bendelladj, a/k/a Bx1, of Algeria, have been sentenced to a combined 24 years, six months in prison for their roles in developing and distributing the prolific malware known as SpyEye, which caused hundreds of millions of dollars in losses to the financial industry around the world.
According to U.S. Attorney Horn, the charges and other information presented in court: Until dismantled by the FBI, SpyEye was the preeminent malware banking Trojan from 2010-2012, used by a global syndicate of cybercriminals to infect over 50 million computers, causing close to $1 billion in financial harm to individuals and financial institutions around the globe.
SpyEye was designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information. The malware facilitated its theft of personal and confidential information by secretly infecting victims computers, enabling cybercriminals to remotely control the infected computers through command and control (‘C2’) servers. Once a computer was infected and under their control, cybercriminals remotely accessed the infected computers, without authorization, and stole victims personal and financial information through a variety of techniques, including ‘web injects,’ ‘keystroke loggers,’ and ‘credit card grabbers.’ The victims stolen personal and financial data was then surreptitiously transmitted to the C2 servers, where it was used to, among other things, steal money from the victims financial accounts. (Source: U.S. Department of Justice)