The FBI has announced that one of the main creators of the SpyEye banking malware kit has pled guilty in an Atlanta, Georgia court.
Aleksandr Andreevich Panin, a Russian national, admitted to being one of the primary developers and distributors of the banking malware, designed to compromise PCs and connect them to botnets of similarly backdoored systems.
The main purpose of the hijacks was to harvest banking login details through various methods, and feed the data back to the malware's operators. Later versions also targeted Android phones.
Panin’s creation formed the basis of a major commercial enterprise, with the malware sold to over 150 clients through underground cybercrime forums.
These clients then ran their own operations, between them infecting upwards of 1.4 million systems and stealing huge amounts of money from compromised bank accounts – one operator alone is thought to have scooped up over $3 million in just six months, and over 10,000 bank accounts are thought to have been accessed in 2013 alone.
Panin was not alone in heading up the operation, and the case against one alleged co-conspirator, Algerian national Hamza Bendelladj, continues to build.
The investigation hinged on the seizure of a command-and-control server in the Northern District of the US state of Georgia in early 2011. Following this, undercover FBI agents contacted Panin to buy a copy of his malware, reported to be selling for between $1000 and $8500.
This led to a 23-count indictment being brought in December 2011, covering Panin and Bendelladj. Bendelladj was picked up at an airport in Thailand en route to Algeria, and extradited to the US in May of 2013.
Panin made the mistake of taking a flight connecting through Atlanta airport, and he was arrested there in July 2013. His guilty plea was entered on 28 January 2014, and he is scheduled for sentencing in April 2014.
At least four other arrests have been made in connection with Panin and SpyEye, in territories including the UK and Bulgaria.
The FBI also credit fellow law enforcement agencies in Australia, the Netherlands, the Dominican Republic and Thailand, making for another major global case showing impressive cooperation across borders.
This success seems to undermine the recent gripes of a top UK lawyer, who complained that police don’t make enough effort to combat cybercrime and banking fraud.