  • Russian malware dev behind NLBrute hacking tool extradited to US

    alf9872000


    A Russian malware developer accused of creating and selling the NLBrute password-cracking tool was extradited to the United States after being arrested in the Republic of Georgia last year on October 4.

     

    Also known as dpxaker, Dariy Pankov is now charged with access device fraud and computer fraud and faces a maximum sentence of 47 years in federal prison if convicted on all counts.

     

    "The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords," the Justice Department said in a press release on Wednesday.

     

    "Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed, sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee."

     

    The suspect also sold credentials he stole from his victims on a dark web marketplace where cybercriminals were selling access to compromised devices and networks.

     

    Those who bought the stolen login information used it in various malicious campaigns, ranging from tax fraud to ransomware attacks.

    At least $350,000 obtained from selling stolen credentials

    The investigators could trace $358,437 withdrawn by Pankov from the illegal marketplace between August 2016 and January 2019, obtained from selling access to hacked computers.

     

    According to the indictment, among the tens of thousands of stolen credentials he put up for sale, the defendant also sold the login information of a law firm in the Middle District of Florida to an undercover law-enforcement officer for $19.25 on June 15, 2018.

     

    NLBrute was also used by threat actors linked to multiple Ransomware-as-a-Service (RaaS) operations, including REvil, Dharma, and Netwalker, to brute force their way into victims' Remote Desktop Protocol (RDP) servers and further compromise their networks.

     

    Last week, the Justice Department announced that Russian national Vladislav Klyushin was convicted of his involvement in a hacking scheme that led to $90 million in illegal profits via securities trades based on non-public info stolen from U.S. networks.

     

    In January, the Russian founder of the Hong Kong-registered cryptocurrency exchange Bitzlato was also arrested and charged with helping cybercriminals launder illegally obtained money.

     

