Hacker from Russia faces up to 47 years in prison for creating and selling malicious application

A Russian hacker accused of developing the NLBrute malware faces up to 47 years in prison for using the tool «to create a criminal empire.»

According to the US Department of State, Darius Pankov, also known as dpxaker, created the NLBrute malware that compromised Windows credentials on systems with insecure RDP (Remote Desktop Protocol). Pankov was arrested in Georgia 4 months ago and recently extradited to the United States.

According to the case file, between 2016 and 2019, Pankov earned hundreds of thousands of dollars by selling NLBrute to other attackers for $ 250 in bitcoin. The offender, according to the documents, sold stolen credentials on the darknet so that cybercriminals could use them in further attacks. In total, Pankov put up for sale login credentials for more than 35,000 computers from around the world. Among the compromised systems were two unnamed American law firms in Florida.

Pankov was charged with conspiracy, access device fraud, and computer fraud. His probable sentence is 47 years in prison. The US authorities also plan to seize $ 358,437, which they associate with Pankov’s crimes.

As a reminder, information about the possible exchange of Russian Alexander Vinnik, accused of laundering at least $ 9 billion through the bitcoin exchange BTC-e, has appeared online. The U.S. authorities suspect that Vinnik was collaborating with Russian intelligence. According to the investigation, the funds that passed through BTC-e could have financed Russian security forces. In this context, it is interesting that arms dealer Viktor Booth tried to lobby for Vinnik’s release.