A 28-year-old Russian malware developer was extradited to the US where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool. Dariy Pankov, also known as “dpxaker,” developed what the US Department of Justice (DOJ) called “powerful” password-cracking program that he marketed and sold to other cyber criminals for a small bitcoin fee. This case as reported by Recorded Future.
The tool called NLBrute, is a so-called brute-forcing tool that automates the process of trying every possible combination of characters, numbers, or symbols in order to uncover a password, encryption key, or other secret code. Pankov sold credentials stolen with the help of NLBrute from over 35,000 computers on Darknet marketplaces, making more than $350,000 in illicit proceeds between August 2016 and January 2019.[1]
Cyber criminals used the purchased data for ransomware attacks and tax fraud, the US Attorney’s Office for the Middle District of Florida said in a statement this past week. Pankov’s victims were located in the US, France, the UK, Italy, and Australia.
Pankov was arrested in the country of Georgia last October and is charged with conspiracy, access device fraud, and computer fraud. If convicted on all counts, he could face a maximum penalty of 47 years in federal prison. The indictment accuses Pankov of earning at least $358,437 by selling NLBrute on an unidentified criminal marketplace from August 2016 through January 2019. He also had a sideline in cracked credentials. In 2018, he sold a US undercover police office a cracked credential including password for $19.25.[2] The US plans to seize $350,000 from him. Pankov made an initial appearance in a US federal court in Tampa on 21 February and plead not guilty.
News of Pankov’s arrest follows the indictment of four Russian nationals this week for their involvement in a decentralized finance (DeFi) cryptocurrency investment platform that the DOJ believes was a Ponzi scheme.
Red Sky Alliance is a Cyber Threat Analysis and Intelligence Service organization. For questions, comments or assistance, please contact the office directly at 1-844-492-7225, or feedback@wapacklabs.com
Weekly Cyber Intelligence Briefings:
- Reporting: https://www. redskyalliance. org/
- Website: https://www. wapacklabs. com/
- LinkedIn: https://www. linkedin. com/company/64265941
Weekly Cyber Intelligence Briefings:
REDSHORTS - Weekly Cyber Intelligence Briefings
https://attendee.gotowebinar.com/register/5504229295967742989
[1] https://therecord.media/russian-accused-of-developing-password-cracking-tool-extradited-to-us/
[2] https://www.bankinfosecurity.com/nlbrute-malware-developer-pleads-guilty-in-us-court-a-21297
Comments