Russian cyber-attacker pleads guilty to federal charge

A Russian man known as “Gribodemon” pleaded guilty Tuesday in Atlanta for his role in developing and distributing malicious software that infected more than 1.4 million computers in the U.S. and abroad.

Aleksandr Andreevich Panin was the architect of the pernicious malware known as “SpyEye,” which allowed cybercriminals to pillage confidential personal information and financial accounts, federal authorities said.

Panin’s guilty plea “removes from the shadows of the Internet one of the main architects of malware used to commit cybercrime,” First Assistant U.S. Attorney John Horn said.

Panin, 24, pleaded guilty to a single count of conspiring to commit wire and bank fraud. He is scheduled to be sentenced April 29.

Operating from inside Russia from 2009 to 2011, Panin sold the “SpyEye” software, which infiltrated more than 250 financial institutions and infected hundreds of thousands of computers wordwide.

“Once infected, these computers were open doors for criminals to harvest bank accounts and credit card information and log-in passwords and PINs, as well as a trove of other personal information,” Horn said. This allowed thieves to withdraw savings, rack up phony credit card charges or sell the information on the black markets used by identity thieves, Horn said.

Panin sold “SpyEye” to an estimated 150 customers for prices ranging from $1,000 to more than $8,000. One customer, whom Horn identified only as “Soldier,” stole more than $3.2 million over a six-month period using the “SpyEye” software.

Results like this made “SpyEye” and “Gribodemon” infamous in cybercrime circles around the word, Horn said.

An FBI investigation into the cyber attacks led to an undercover purchase of the software from Panin in 2011. Panin was arrested July 1 when he arrived in Atlanta on a flight into Hartsfield-Jackson International Airport, Horn said.

Federal prosecutors in Atlanta unsealed Panin’s indictment Tuesday when he entered his guilty plea. A co-defendant, Hamza Bendelladj, an Algerian national known as “Bx1,” was a customer of Panin’s and was extradited to Atlanta last year from Thailand. His case is still pending.

The “SpyEye” program was one of the more dangerous of its kind on the Internet because it allowed cyber criminals to steal people’s identities and money without their knowledge, Ricky Maxwell, acting Special Agent in Charge of the FBI field office in Atlanta, said.

“The apprehension of Mr. Panin means that one of the world’s top developers of malicious software is no longer in a position to create computer programs that can victimize people around the world,” Maxwell said.