NLBrute malware developer from Russia extradited to the US

March 14, 2023

The alleged Russian developer of the NLBrute malware has been extradited to the United States after his apprehension in the Republic of Georgia last year. The accused allegedly created and sold the password-cracking tool.

The arrested individual is named Dariy Pankov, who now faces computer and device fraud charges that could carry a sentence of nearly 50 years.

The NLBrute malware is a sophisticated hacking tool that could compromise heavily secured devices.

According to the Justice Department, Pankov created the NLBrute malware, which could compromise protected devices by decrypting login credentials, such as passwords.

Moreover, the Russian cybercriminal used the malware to acquire login credentials from numerous computers worldwide. The stolen credentials were then distributed to other cybercriminals and NLBrute affiliates.

The accused also sold stolen details on an underground marketplace where the threat actors were selling access to compromised networks. Authorities claimed that users who purchased the stolen information might have used it in several malicious campaigns, such as ransomware attacks and tax fraud.

Law enforcement agencies and several other investigators traced nearly $360,000 that the suspect withdrew from several cybercriminal marketplaces between August 2016 and January 2019. These earnings came from selling access to hacked computers.

The indictment stated that tens of thousands of pieces of stolen data were for sale during Pankov’s activity. However, the accused's downfall came after he sold the login information of a law firm in the Middle District of Florida to an undercover law-enforcement officer for about $20 in June 2018.

NLBrute became popular among threat actors, as it was used in multiple ransomware operations by well-known threat groups like Netwalker, Dharma, and REvil. This malicious tool became the brute-forcing kit these groups used to access their targets’ Remote Desktop Protocol servers.

Cooperation among international agencies, researchers, and law enforcement agencies has gradually increased the number of cybercriminals apprehended globally. Last month, the Russian founder of the Hong Kong-based crypto exchange Bitzlato was also arrested and charged with helping hackers launder illegally acquired funds.

The number of such threat actors is expected to dwindle slowly, as these successful arrests have raised morale among the authorities.
