Pierluigi Paganini February 24, 2023

Dariy Pankov, a Russian VXer behind the NLBrute malware, has been extradited to the United States from Georgia.

The Russian national Dariy Pankov, aka dpxaker, is suspected to be the author of the NLBrute malware. The man has been extradited to the United States from Georgia. 

“Pankov, a citizen and resident of Russia, was taken into custody by Georgian authorities in the Republic of Georgia, on October 4, 2022, and extradited to the United States pursuant to a request from the United States.” reads the press release published by DoJ. “Pankov appeared before United States Magistrate Christopher P. Tuite on February 21, 2023, in Tampa, Florida and was ordered detained pending trial.”

Pankov is charged with conspiracy, access device fraud, and computer fraud.

The malware allows operators of compromising protected computers by decrypting login credentials.

According to the indictment, Pankov marketed and sold NLBrute, he also sold thousands of
login credentials for compromised computers that he had obtained through his use of NLBrute.

“According to the indictment, Pankov developed a malicious software program named “NLBrute.” The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords.” continues the DoJ. “Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed, sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee.”

The stolen login credentials were available on a dark web website that specialized in the purchase and sale of access to compromised computers. The man listed the credentials of more than 35,000 compromised computers for sale and according to the investigators, he obtained more than $350,000 in illicit proceeds between 2016 and 2019.

The list of the Pankov’s victims includes two unnamed law firms in Middle District of Florida.

If convicted on all counts, the Russian nation can faces a maximum penalty of 47 years in federal prison.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, NLBrute)