SpyEye bank account hack 'mastermind' pleads guilty

SpyEye The SpyEye toolkit automated the theft of credit card and bank account details

Related Stories

A Russian programmer accused of being the mastermind behind one of the most commonly used bank account hacking kits has pleaded guilty to a related charge in the US.

It is alleged that Aleksandr Panin developed SpyEye, Trojan malware that uses a variety of techniques to siphon off victims' savings.

Prosecutors said the code, which is still in use, had infected more than 1.4 million PCs since its 2009 release.

Panin's arrest had caused controversy.

The US authorities were only able to arrest him last July after he had been detained by police in the Dominican Republic while on holiday.

SpyEye SpyEye displayed a fake log-on page that asked for the Pin code, which would not normally be requested

His lawyer said that although the island never launched extradition proceedings, it put him on a plane to Atlanta where he was taken into custody.

The Russian Foreign Ministry has declared the action part of an "unacceptable" trend, saying that the US should instead submit requests for the arrest of Russian citizens to Moscow. There is no formal extradition treaty between the two countries.

Panin has pleaded guilty to a single count of conspiracy to commit bank fraud and wire fraud.

A second man indicted in the case, Hamza Bendelladj, pleaded not guilty in May. The case against him is still pending.

'Polished code'

Prosecutors said that SpyEye was sold for between $1,000 to $8,000 (£605 to £4,830) on underground forums.

The toolkit could be customised to:

  • monitor which keys were being typed
  • bring up fake account log-in pages from which bank and credit card details were stolen and automatically transmitted to a separate computer server
  • hijack computers to create botnets that could be used to send spam

The FBI said one client, known as Soldier, had claimed to have made $3.2m using the software over a six-month period, and that 10,000 bank accounts had been compromised by it last year.

SpyEye Part of the SpyEye user interface urged its users to "hack the planet"

Panin was "one of the pre-eminent cybercriminals that we've been able to apprehend and prosecute so far," said federal prosecutor John Horn.

"[He] wrote and polished the code for SpyEye until he had a product that experts described as professional grade."

Panin is due to be sentenced on 29 April.

Others have already been jailed for using the software and laundering the proceeds.

More on This Story

Related Stories

The BBC is not responsible for the content of external Internet sites

More Technology stories

RSS

Features & Analysis

  • SyedTanks instead of toys

    Lyse Doucet on the plight of children in Syria and Gaza


  • Silhouette of manSuper-shy

    Why do Germany's super-rich so often keep their heads down?


  • Children playing in Seoul fountainDay in pictures

    The best news photos from around the world in the past 24 hours


  • Gin drinkerMother's ruin

    The time was gin was full of sulphuric acid and turpentine


BBC Future

(Getty Images)

Interactive: How planes crash

Shedding light on air disasters Read more...

Programmes

  • The smartphones of shoppers being tracked in a storeClick Watch

    How free wi-fi can enable businesses to track our movements and learn more about us

BBC © 2014 The BBC is not responsible for the content of external sites. Read more.

This page is best viewed in an up-to-date web browser with style sheets (CSS) enabled. While you will be able to view the content of this page in your current browser, you will not be able to get the full visual experience. Please consider upgrading your browser software or enabling style sheets (CSS) if you are able to do so.