Dariy Pankov, the NLBrute malware author, pleads guilty

The Russian national Dariy Pankov, aka dpxaker, has pleaded guilty to conspiracy to commit wire and computer fraud.

The Russian national Dariy Pankov (28), aka dpxaker, is the author of the NLBrute malware. The man has been extradited to the United States from Georgia. 

In February 2023, Pankov was charged with conspiracy, access device fraud, and computer fraud.

The NLBrute malware allows operators to compromise protected computers by decrypting login credentials. According to the indictment, Pankov marketed and sold NLBrute, he also sold thousands of
login credentials for compromised computers that he had obtained through his use of NLBrute.

The stolen login credentials were available on a dark web website that specialized in the purchase and sale of access to compromised computers. The man listed the credentials of more than 35,000 compromised computers for sale and according to the investigators, he obtained more than $350,000 in illicit proceeds between 2016 and 2019.

The list of Pankov’s victims includes two unnamed law firms in the Middle District of Florida.

Pankov faces a maximum penalty of five years in federal prison, he has agreed to forfeit $358,437 which is the amount of the proceeds of the charged criminal activity conducted by the man. The sentencing date has yet to be set.

“According to the plea agreement, Pankov developed a malicious software program named “NLBrute.” The powerful malware was capable of compromising protected computers by decrypting login credentials, such as passwords. Pankov used NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. He marketed and sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee.” reads the press release published DoJ. “Pankov sold the stolen login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers.”

Pankov resides in Russia, he was taken into custody by Georgian authorities in the Republic of Georgia on October 4, 2022, and extradited to the United States.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Dariy Pankov)