SpyEye Trojan creators Aleksandr Panin, Hamza Bendelladj Sentenced To 15 & 9 Years In Prison

The dreaded SpyEye trojan creators were sentenced to long prison term by a US court, the US Department of Justice has announced. A judge sentenced two hackers involved in the creation, maintenance, and marketing of the SpyEye financial botnet to a combined sentence of 24 years in prison.

One of the two sentenced is Aleksandr Andreevich Panin, 27, from Russia. Panin was known in the cyber crime world by his handle, ‘Gribodemon’ and ‘Harderman.’ Panin was the mastermind behind the malware banking Trojan that allowed cybercriminals to infect millions of computers and drain bank accounts worldwide, has been sentenced to nine and half years in a US federal prison. The US Justice Department said on 20 April that his accomplice, Hamza Bendelladj, 27, from Algeria and known online as Bx1, who sold versions of SpyEye online and used it to steal financial information, was sentenced to 15 years.

The sentencing brings to a culmination of a case which was first hit limelight when Panin pleaded guilty to developing SpyEye in January, 2014. SpyEye malware affected nearly 14 million computers infecting around 10,000 Bank accounts at 235 financial institutions.

Panin operated his cyber crimeware empire from Russia since 2009, and he along with Hamza used to sell  “SpyEye” online for $1000 to $10,000. Panin has sold this malware to more than 150 Cyber criminals, according to FBI. One of the Panin’s client is believed to have stolen $3.2 million during 6 month period using “SpyEye“ malware.

The Department of Justice also explained the crimes performed using SpyEye in this statement:



“Until dismantled by the FBI, SpyEye was the preeminent malware banking Trojan from 2010-2012, used by a global syndicate of cyber criminals to infect over 50 million computers, causing close to $1 billion [£700m] in financial harm to individuals and financial institutions around the globe.”

The FBI used a honeypot campaign to arrest Panin by approaching him as a buyer for SpyEye malware. Released in 2009, SpyEye was a type of Trojan virus that secretly implanted itself onto a victim’s computer to steal personal information including bank account details, credit card information, passwords and PINs. It also allowed hackers to trick victims into surrendering personal information using fake bank account pages, once the virus took over a computer. The stolen information was then relayed to criminals and the control server was used to access the victim’s accounts.

The malware offered easy to use and operate UI making it favourite among cyber criminals and driving up buyers for Panin and Humza.

Panin’s partner in crime, Humza accepted that he transmitted more than one million spam emails containing strains of SpyEye and related software to computers in the United States, resulting in hundreds of thousands of computers getting infected.

Humza was arrested in January 2013, in Bangkok while in transit from Malaysia to Algeria and was extradited to the United States later that year. Panin was arrested in July 2013 at Atlanta airport and subsequently pleaded guilty to all 23 charges in the indictment including wire fraud and bank fraud in January 2014. Humza also pleaded guilty to all counts in June 2015. The police in UK and Bulgaria also managed to arrest four of Panin’s SpyEye clients.

After his arrest, the FBI officials discovered that Panin was planning to release a new strain of SpyEye dubbed “SpyEye 2.0.” If launched, officials said it “would have been one of the most prolific and undetectable botnets distributed to date, and could cause immeasurable losses to the international banking industry and individuals around the world.” However, his arrest brought down the curtains on one of the deadliest malware operations.