The creators of banking trojan SpyEye have been sentenced to a combined 24 years in prison. In total, the trojan caused almost $1 billion losses across the globe from infecting more than 50 million computers. Aleksandr Andreevich Panin and Hamza Bendelladj were guilty of creating and selling the trojan.
A statement released by the U.S. Department of Justice revealed that SpyEye's chief developer and distributor Alesandr Andreevich Panin, a Russian, was sentenced nine years and six months in federal prison. On the other hand, Hamza Bendelladj, also known as Bx1, who is an Algerian, received a 15-year sentence in prison term.
Panin, also known by his hacker aliases "Gribodemon" and "Harderman," received the source code to a crimeware platform, dubbed ZeuS, in 2010, as reported by ars technica. From 2009 to 2011, he develops the banking trojan SpyEye based on ZeuS source code, along with other hackers. The trojan is believed to have borrowed liberally from Zeus.
One of Panin's main partner in creating SpyEye, Bendelladj, helped in developing the trojan's add-ons, enabling it to automate the theft of funds from victim bank accounts and further spread malware. He also contributed to the distribution of the trojan. He transmitted more than one million spam e-mails with SpyEye to computers in the U.S. From that efforts, he infected hundreds of thousands in the country.
U.S. Attorney John Horn noted the significance of this case, which had caused more than $1 billion in losses and had infected more than 50 million computers. "It is difficult to overstate the significance of this case, not only in terms of bringing two prolific computer hackers to justice but also in disrupting and preventing immeasurable financial losses to individuals and the financial industry around the world," he stated.
Tech Times elaborated how the trojan works. It was mechanically capable of stealing confidential data, including usernames, PINs, passwords, banking credentials, credit card details, as well as other financial and personal data. SpyEye was also able to infect the computer, giving hackers the ability to control the compromised computers remotely.
According to PC, Panin was planning to release the newest version of the SpyEye. The improved version of one of the world's most prolific banking trojans is dubbed "SpyEye 2.0," as reported by federal investigators. These arrests are appreciated to have protected the public from the threats posed by the new and highly sophisticated version of SpyEye.
Two of the creators of banking trojan SpyEye is sentenced to a combined of 24 years in federal prison. The arrest was done when the new version of the trojan is ready to be released. From 2010 to 2012, SpyEye had already caused almost $1 billion in losses.