Russian accused of developing password-cracking tool extradited to US

justice law

A 28-year-old Russian malware developer was extradited to the U.S. where he could face up to 47 years in federal prison for allegedly creating and selling a malicious password-cracking tool.

Dariy Pankov, also known as “dpxaker,” developed what the Department of Justice called “powerful” password-cracking program that he marketed and sold to other cybercriminals for a small bitcoin fee. 

The tool — NLBrute — is a so-called brute-forcing tool that automates the process of trying every possible combination of characters, numbers, or symbols in order to uncover a password, encryption key, or other secret code.

Pankov sold credentials stolen with the help of NLBrute from over 35,000 computers on darknet marketplaces, making more than $350,000 in illicit proceeds between August 2016 and January 2019.

Cybercriminals used the purchased data for ransomware attacks and tax fraud, the U.S. Attorney’s Office for the Middle District of Florida said in a statement on Wednesday.

Pankov’s victims were located in the U.S., France, the UK, Italy, and Australia.

Pankov was arrested in the country of Georgia last October and is charged with conspiracy, access device fraud, and computer fraud. If convicted on all counts, he could face a maximum penalty of 47 years in federal prison. The U.S. also plans to seize $350,000 from him, which was allegedly obtained from illegal activities.

Pankov made an initial appearance in a federal court in Tampa Tuesday.

News of Pankov’s arrest follows the indictment of four Russian nationals this week for their involvement in a decentralized finance (DeFi) cryptocurrency investment platform that the Justice Department believes was a Ponzi scheme.

Article Link: Russian accused of developing password-cracking tool extradited to US - The Record from Recorded Future News