18 September 2023

Malware dev behind NLBrute tool pleads guilty in the US


Malware dev behind NLBrute tool pleads guilty in the US

A Russian national believed to be a developer of the NLBrute malware has pleaded guilty in a US court to conspiracy to commit access device fraud and computer fraud.

Dariy Pankov, aka dpxaker, was arrested in October 2022 in Georgia at the request of the US government and extradited to the United States in February 2023. He was charged with conspiracy, access device fraud, and computer fraud.

The US Department of Justice alleges that Pankov developed a brute-forcing tool called NLBrute able to compromise password-protected machines by decrypting login credentials.

“Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed and sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee,” the DoJ said in a press release.

“Pankov sold the stolen login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers. Once sold, those credentials were used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud. Pankov listed the credentials of more than 35,000 compromised computers for sale on the website, and obtained more than $350,000 in illicit proceeds.”

Pankov faces a maximum penalty of five years in prison. He has also agreed to forfeit $358,437 obtained via criminal activity. A sentencing date will be set at a later date.

Back to the list

Latest Posts

Chinese hackers target OpenAI employees in phishing attack

Chinese hackers target OpenAI employees in phishing attack

OpenAI said it disrupted cyber threats from China-based and Iranian groups.
10 October 2024
Fortinet, Mozilla Firefox flaws exploited in the wild

Fortinet, Mozilla Firefox flaws exploited in the wild

Users are urged to update to the latest versions immediately to protect against potential exploitation.
10 October 2024
Mamba 2FA PaaS platform targets Microsoft 365 accounts in advanced AiTM attacks

Mamba 2FA PaaS platform targets Microsoft 365 accounts in advanced AiTM attacks

At $250 per month, the platform offers threat actors well-crafted phishing pages and mechanisms to bypass MFA.
9 October 2024