SpyEye malware creator Aleksandr Panin pleads guilty

Graham Cluley
Graham Cluley
@
@[email protected]
@gcluley

Aleksandr PaninThe primary developer of the notorious SpyEye banking malware has pleaded guilty to conspiracy to commit wire and bank fraud, in relation to his role in a cybercriminal campaign that has infected over 1.4 million computers worldwide.

SpyEye, a variant of the Zeus banking Trojan, is used by criminal gangs to help them break into victims’ online bank accounts and steal personally identifiable information. Sold on the criminal underground as a kit for between $1,000 to $8,500, hackers could take SpyEye and customise it for their own malicious purposes.

Once computers have become infected by SpyEye, online criminals are able to remotely control them, logging keystrokes and stealing personal and financial data that is silently transmitted to servers under the hackers’ control.

According to a Department of Justice press release, Russian national Aleksandr Andreevich Panin (who used the online handles “Gribodemon” and “Harderman”) has now admitted his involvement.

Sign up to our free newsletter.
Security news, advice, and tips.

“The apprehension of Mr. Panin means that one of the world’s top developers of malicious software is no longer in a position to create computer programs that can victimize people around the world. Botnets such as SpyEye represent one of the most dangerous types of malicious software on the Internet today, which can steal people’s identities and money from their bank accounts without their knowledge. The FBI will continue working with partners domestically and internationally to combat cyber-crime.”

Between 2009 and 2011, Panin operated from his Russian base, conspiring with others to develop, market and sell versions of SpyEye to other online criminals. In all, Panin is thought to have sold the SpyEye malware kit to over 150 criminals. One of them, using the name “Soldier” is reported to have used SpyEye to earn more than $3.2 million in just six months.

Panin’s cybercrime career came unstuck, however, when he took a holiday in the Dominican Republic last summer. Without formally extraditing him, local police threw him onto a plane to the United States where he was arrested by federal agents.

The nature of Panin’s arrest raised controversy in Russia, where the foreign affairs ministry warned citizens who believed they might have charges raised against them to avoid travelling overseas.

Arrests at airports appears to have become a theme in the apprehension of the key individuals involved in the SpyEye malware case.

Amongst Panin’s alleged conspirators was Hamza Bendelladj, aka “Bx1,” who smiled broadly as he was paraded before the media after his arrest at Bangkok’s Suvarnnabhumi airport in January 2013, as he was in transit from Malaysia to Egypt.

Bendelladj was subsequently extradited to the United States, and is currently pending charges.

Sentencing for Panin is scheduled for April 29, 2014.


Graham Cluley is an award-winning keynote speaker who has given presentations around the world about cybersecurity, hackers, and online privacy. A veteran of the computer security industry since the early 1990s, he wrote the first ever version of Dr Solomon's Anti-Virus Toolkit for Windows, makes regular media appearances, and is the co-host of the popular "Smashing Security" podcast. Follow him on Twitter, Mastodon, Threads, Bluesky, or drop him an email.

2 comments on “SpyEye malware creator Aleksandr Panin pleads guilty”

  1. 0x003

    2nd paragraph, type as bamk instead of bank

    1. Graham CluleyGraham Cluley · in reply to 0x003

What do you think? Leave a comment

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.