Aleksandr Andreevich Panin, who's also known as "Gribodemon," pleaded guilty Tuesday to a single charge of conspiracy to commit mail fraud and wire fraud.
Another man, Hamza Bendelladj, was also indicted in the case and pleaded not guilty in May after being extradited from Thailand, where he was arrested a year ago.
Authorities say the 24-year-old Panin is the main author of SpyEye. The program is a banking Trojan, which was implanted onto computers to harvest financial information and drain bank accounts. Authorities have said the malware impacted 253 financial institutions and is responsible for untold amounts of financial theft.
Trojans such as SpyEye can be profitable for cybercriminals. A small group of hackers in Eastern Europe arrested in 2010 was able to steal about $70 million from companies, municipalities and churches in Europe and the U.S.
SpyEye was designed to automatically steal sensitive information - such as bank account credentials, credit card information, passwords and PIN numbers - after being implanted in victims' computers. After the program took control of a computer, it allowed hackers to use a number of covert techniques to trick victims into giving up their personal information - including data grabbing and presenting victims with a fake bank account page. The information was then relayed to a command and control server, which was used to access bank accounts.
Panin and Bendelladj were indicted in December 2011.
Bendelladj was on a trip from Malaysia to Egypt when he was arrested during a layover at an airport in Bangkok on Jan. 5, 2013. Police seized two laptops, a tablet computer, a satellite phone and external hard drives.
Authorities say the men developed and sold various versions of SpyEye and its components on the Internet between 2009 and 2011. Cybercriminals were able to customize their purchases to choose specific methods of gathering personal information from victims. They are also said to have advertised SpyEye on Internet forums focused on cybercrime and other criminal activity.
http://accesswdun.com/article/2014/1/270477