SpyEye bank account hack 'mastermind' pleads guilty

SpyEye The SpyEye toolkit automated the theft of credit card and bank account details

Related Stories

A Russian programmer accused of being the mastermind behind one of the most commonly used bank account hacking kits has pleaded guilty to a related charge in the US.

It is alleged that Aleksandr Panin developed SpyEye, Trojan malware that uses a variety of techniques to siphon off victims' savings.

Prosecutors said the code, which is still in use, had infected more than 1.4 million PCs since its 2009 release.

Panin's arrest had caused controversy.

The US authorities were only able to arrest him last July after he had been detained by police in the Dominican Republic while on holiday.

SpyEye SpyEye displayed a fake log-on page that asked for the Pin code, which would not normally be requested

His lawyer said that although the island never launched extradition proceedings, it put him on a plane to Atlanta where he was taken into custody.

The Russian Foreign Ministry has declared the action part of an "unacceptable" trend, saying that the US should instead submit requests for the arrest of Russian citizens to Moscow. There is no formal extradition treaty between the two countries.

Panin has pleaded guilty to a single count of conspiracy to commit bank fraud and wire fraud.

A second man indicted in the case, Hamza Bendelladj, pleaded not guilty in May. The case against him is still pending.

'Polished code'

Prosecutors said that SpyEye was sold for between $1,000 to $8,000 (£605 to £4,830) on underground forums.

The toolkit could be customised to:

  • monitor which keys were being typed
  • bring up fake account log-in pages from which bank and credit card details were stolen and automatically transmitted to a separate computer server
  • hijack computers to create botnets that could be used to send spam

The FBI said one client, known as Soldier, had claimed to have made $3.2m using the software over a six-month period, and that 10,000 bank accounts had been compromised by it last year.

SpyEye Part of the SpyEye user interface urged its users to "hack the planet"

Panin was "one of the pre-eminent cybercriminals that we've been able to apprehend and prosecute so far," said federal prosecutor John Horn.

"[He] wrote and polished the code for SpyEye until he had a product that experts described as professional grade."

Panin is due to be sentenced on 29 April.

Others have already been jailed for using the software and laundering the proceeds.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

BBC Future

(USAF)

Secrets of the aircraft boneyards

The vast storage sites for surplus planes Read more...

Programmes

  • Bitcoin logoClick Watch

    The developer behind the new Bitcoin tech on the fears it will hide criminal activity

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.