A Russian national believed to be a developer of the NLBrute malware has pleaded guilty in a US court to conspiracy to commit access device fraud and computer fraud.

Dariy Pankov, aka dpxaker, was arrested in October 2022 in Georgia at the request of the US government and extradited to the United States in February 2023. He was charged with conspiracy, access device fraud, and computer fraud.

The US Department of Justice alleges that Pankov developed a brute-forcing tool called NLBrute able to compromise password-protected machines by decrypting login credentials.

“Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed and sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee,” the DoJ said in a press release.

“Pankov sold the stolen login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers. Once sold, those credentials were used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud. Pankov listed the credentials of more than 35,000 compromised computers for sale on the website, and obtained more than $350,000 in illicit proceeds.”

Pankov faces a maximum penalty of five years in prison. He has also agreed to forfeit $358,437 obtained via criminal activity. A sentencing date will be set at a later date.