SpyEye creator Alexander Panin stood with his attorney and entered a guilty plea Tuesday in the federal court in Atlanta, Georgia. Accused in 2013 for spreading a malicious form of malware called SpyEye, Panin accepted responsibility for millions of dollars that his creation had stolen from business and individuals.
Panin was taken into custody while on vacation in the Dominican Republic in June 2013. Following his arrest, he was transported to a US detention facility without the consent or knowledge of Russian authorities. The arrest prompted a diplomatic dust up between the US and Russia. A spokesman for the Russian Foreign Ministry Information department said that Russia was concerned that the US would arrest a Russian citizen in a third county. The spokesman went on to say that Russia feels the trend of America picking up Russian citizens has become totally unacceptable.
America has had many challenges in getting suspects from Russia brought to trial. Much of the hacking activity which is targeted at America starts in the Balkans. Since Russia and the US don’t have extradition treaties, arrest and prosecution can be problematic.
Panin’s big mistake, which led to his arrest, was taking a vacation in the summer of 2013. When he traveled to the Dominican Republic, which is on friendly terms with the US, Dominican police detained him at the request of officials in the US. Without a formal extradition, Dominican officials put Panin on a plane to Atlanta. When the plane landed and Panin deboarded, American federal agents took him into custody.
Saying that America is “abducting” Russian natives, Russia issued a warning in September to its citizens. Those that suspect they have cases pending against them in the US should “…avoid traveling overseas,” said a Russian Embassy spokesman.
A source at the Dominican Embassy in Washington said the Dominican Republic guarantees the rights of persons extradited and strictly follows the policies and procedures as spelled out in its extradition treaty with the US.
At the time of Panin’s arrest, he was on Interpol’s “red list” of most wanted. Sources said he was wanted on charges of Internet banking thefts, which totaled more than $5 million.
SpyEye is malware which permits people to create botnets — a labyrinth of zombie computers — which can be managed remotely to carry out cyber thefts.
Microsoft led an intense effort in March 2013 to render ineffective a large amount of the SpyEye botnets. The computer software giant also released email addresses linked to the author of SpyEye who used the online aliases Gribodemon and Harderman.
SpyEye obtained financial information as well as personal identification stored on computers globally. Using the information, those behind the crime would transfer money from a victims’ bank account to accounts controlled by criminals.
SpyEye had been sold from 2009 through 2011 and more than 150 people had purchased it at a cost of anywhere from $1,000 to $8,500 based on which version the customer was interested in. Panin was caught when he sold his malware online to an undercover FBI agent.
A website, SpyEye Tracker, which monitors the malware, said it saw new activations of the software drop steeply simultaneously with the Microsoft effort and it hasn’t bounced back yet.
The malware, authored by Panin, hid on users’ computers where it would copy information entered into banking websites. One version of the software would copy keystrokes and still another would present a fake banking site that would trick users into entering their financial information.
One SpyEye user claims to have made $3.2 million during a six-month period. The FBI estimates that approximately 10,000 bank accounts were affected in 2013.
Panin’s attorney, Arkady Bukh, comments that pleading guilty does not mean a person will be sentenced overnight. Usually, after some time lapses, the judge will review the recommendations of the agents assigned to the case and defense team arguments. This can take months and, in some cases, years. However, a certain leniency can be expected to a person saving valuable financial and prosecutorial resources for the government.
Panin is now scheduled for sentencing in April for his part in the creation of SpyEye malware.
By Jerry Nelson