Pankov faces up to 47 years in prison on charges of conspiracy, access device fraud, and computer fraud.
NLBrute Malware Earns $350,000 Payday
According to a press release from the Department of Justice, Pankov developed and used the NLBrute malware — capable of decrypting passwords — to steal credentials of “tens of thousands of computers located all over the world.” The indictment alleges that Pankov — who also goes by the online alias “dpxaker” — made over $350,000 from his malicious activities between August 2016 and January 2019. However, the allegations against Pankov do not end there. According to the authorities, Pankov’s operations ran much deeper. They claim the accused sold the stolen credentials on a dark web market, specializing in the trade of access to compromised devices. “Once sold, those credentials were used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud. Pankov listed the credentials of more than 35,000 compromised computers for sale on the website, and obtained more than $350,000 in illicit proceeds,” the press release states. The indictment claims the accused ran an operation where he marketed and sold copies of his malware to other underworld actors for a price.
Details of Pankov’s Arrest
Georgian authorities detained Pankov in the Republic of Georgia — which borders Russia — on Oct. 4, 2022. Consequently, the authorities extradited Pankov to the United States, where he appeared before a judge on Feb. 21, 2023. The investigation and subsequent arrest were the results of a joint effort led by the IRS and the FBI. The DOJ’s Office of International Affairs and United States Marshals Service also provided assistance. “This investigation also benefited from foreign law enforcement cooperation by the Georgian Prosecutor General’s Office, Ministry of Justice, and Ministry of Internal Affairs. It will be prosecuted by Assistant United States Attorney Carlton C. Gammons,” the U.S. Attorney’s Office for the Middle District of Florida said. The arrest follows a Boston federal grand jury’s conviction of a Russian businessman a few weeks ago for his role in a $90 million hack-and-trade scheme. Access to several thousand computers and other smart devices can allow a malicious actor to operate a botnet. Readers concerned about their online safety should install an antivirus if they haven’t done so already. Our list of the best antivirus software of 2023 is a great place to start.