US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

The United States has deported the author of NeverQuest banking malware, the computer programmer Stanislav Vitaliyevich Lisov to Russia.

The United States has deported the computer programmer Stanislav Vitaliyevich Lisov (35) to Russia, he is the author of NeverQuest banking malware,

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The Russian hacker was suspected of being the author of the Neverquest malware, aka Vawtrak malware, and the person who administrated the control infrastructure.

The Neverquest was used by cyber criminals to steal login credentials from banking customers, it leverages on injection mechanisms to provide users fake forms into legitimate banking websites. The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine.

The Neverquest malware is able to log in to the victim’s online banking account and perform fraudulent transactions.

The arrest is the result of the collaboration between the Spanish law enforcement and the FBI.

Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, he managed a network of servers containing lists of millions of stolen login credentials.

In February 2019, the man has pled guilty to one count of conspiracy to commit computer hacking in Manhattan Federal Court.

Lisov and his co-conspirators attempted to steal at least approximately $4.4 million using the NeverQuest malware, according to the authorities they stole at least approximately $855,000 from their victims’ online financial accounts.

In November 2019, the United States Attorney Geoffrey S. Berman sentenced Lisov to 48 months in prison and to 3 years of supervised release. The man was also ordered to pay a forfeiture of $50,000 and restitution of $481,388.04.

Now the United States decided to deport the man to Russia on June 16.

Lisov was detained six days in an immigration detention facility before being transferred from a prison in Pennsylvania on June 10. Then the programmer was transported to New York’s JFK International Airport, where he boarded a flight to Moscow.

Alexei Topolsky, a spokesperson for the Russian Consulate General in New York, declared Lisov arrived to the airport without handcuffs.

“[he ]looked like a person who was happy to be going home.” said Topolsky.

Lisov arrived at Sheremetyevo International Airport where his wife, Darya Lisova, was waiting for him.

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, malware)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.