The Russian creator of a computer program that American law enforcement claim drained bank accounts in a variety of countries was sent to federal prison for 9.5 years.
Known online as “Gribodemon” and “Harderman,” Aleksandr Panin was sentenced in Atlanta after being accused of creating the malware program SpyEye. Panin sold the software through a variety of online cybercrime forums.
Panin pleaded guilty in January 2014, to conspiracy to commit wire and bank fraud for his role in the development and sale of SpyEye.
SpyEye is an advanced malevolent computer code devised to automate the appropriation of financial information including banking paperwork, credit card data, usernames, and passwords. The virus assists in the theft of data by infecting victims’ computers which then allows cyber crooks to remotely command the infected computers. Once infected, the computers give cyber swindlers access, and the stolen financial data is then sent to command and control (C2) servers, where it is employed to take money from financial accounts.
Panin was the principal developer and merchant of SpyEye. From 2009 until 2011, Panin operated from Russia where he conspired with others, including codefendant Hanza Bendelladj, an Algerian national. Panin permitted cyber crooks to customize their purchases to include customized methods for obtaining victims’ personal data as well as marketing versions that targeted financial institutions. Advertised on invitation-only criminal forums, Panin sold a variety of versions for as much as $8,500. Panin is thought to have marketed the virus to somewhere above 140 clients who then set up their own C2 services.
Industry experts believe the virus infected over 1.3 million computers in America as well as globally. The virus was the pre-eminent malware toolkit from 2009 until 2011; it is still available and in use. Based on data from the financial services industry, over 10,000 bank accounts were compromised by the SpyEye virus in 2013 alone.Despite its effectiveness being limited since software makers added the virus to malicious software removal programs, some cyber crooks continue to use it today.
Bendelladj was picked up at Bangkok’s Suvarnabhumi Airport in January 2013. Extradited from Thailand to American in Mary 2013, Bendelladj faced charges in the Northern District of Georgia in the US.
Panin, 27, of Tiver Russia was sentenced by Federal District Court Judge Amy Totenberg to nine years and six months in prison. He will have to fulfill three years of managed freedom when he gets out.
Bendelladj, 27, of Tizi Ouzou, Altera was also sentenced by Judge Totenberg. Bendelladj was given 15 years in prison, also to be followed by three years of supervised release.
Panin Beats Decades in Prison
Panin’s attorney, Arkady Bukh, is an experienced criminal defense attorney in New York City. Bukh’s client roster looks like a Hall of Fame of CyberHackers, and he has successfully defended dozens of defendant’s over the years.
Panin is one of the fortunate ones to have retained Bukh. Initially facing decades behind bars, Panin will be out in nine — even earlier for good behavior.