Aleksandr Andreevich Panin, a Russian national also known as “Gribodemon” and “Harderman,” has pleaded guilty to conspiracy to commit wire and bank fraud for his role as the primary developer and distributor of the malicious software known as “SpyEye,” says the Department of Justice. According to industry estimates, SpyEye has infected over 1.4 million computers in the United States and abroad.
According to the charges and other information presented in court, SpyEye is a sophisticated malicious computer code that is designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information. The SpyEye virus facilitates this theft of information by secretly infecting victims’ computers, enabling cyber criminals to remotely control the infected computers through command and control (C2) servers. Once a computer is infected and under their control, cyber criminals can remotely access the infected computers, without authorization, and steal victims’ personal and financial information through a variety of techniques, including “web injects,” “keystroke loggers,” and “credit card grabbers.” The victims’ stolen personal and financial data is then surreptitiously transmitted to the C2 servers, where it is used to steal money from the victims’ financial accounts.
Trend Micro’s Forward-looking Threat Research (FTR) Team, Microsoft’s Digital Crimes Unit, Mandiant, Dell SecureWorks, Trusteer and the Norwegian Security Research Team known as “Underworld.no” assisted in the investigation.