The alleged author of NLBrute Malware was extradited to US from Georgia

Dariy
Pankov,
a
Russian
VXer
behind
the
NLBrute
malware,
has
been
extradited
to
the
United
States
from
Georgia.

The
Russian
national
Dariy
Pankov,
aka
dpxaker,
is
suspected
to
be
the
author
of
the
NLBrute
malware.
The
man
has
been
extradited
to
the
United
States
from
Georgia. 

“Pankov,
a
citizen
and
resident
of
Russia,
was
taken
into
custody
by
Georgian
authorities
in
the
Republic
of
Georgia,
on
October
4,
2022,
and
extradited
to
the
United
States
pursuant
to
a
request
from
the
United
States.”
reads
the


press
release
published
by
DoJ.
“Pankov
appeared
before
United
States
Magistrate
Christopher
P.
Tuite
on
February
21,
2023,
in
Tampa,
Florida
and
was
ordered
detained
pending
trial.”

Pankov
is
charged
with
conspiracy,
access
device
fraud,
and
computer
fraud.

The
malware
allows
operators
of
compromising
protected
computers
by
decrypting
login
credentials.

According
to
the
indictment,
Pankov
marketed
and
sold
NLBrute,
he
also
sold
thousands
of
login
credentials
for
compromised
computers
that
he
had
obtained
through
his
use
of
NLBrute.

“According
to
the
indictment,
Pankov
developed
a
malicious
software
program
named
“NLBrute.”
The
powerful
malware
was
capable
of
compromising
protected
computers
by
decrypting
login
credentials,
such
as
passwords.”
continues
the
DoJ.
“Pankov
used
NLBrute
to
obtain
the
login
credentials
of
tens
of
thousands
of
computers
located
all
over
the
world.
He
marketed,
sold,
and
had
others
sell
on
his
behalf,
NLBrute
to
other
cybercriminals
for
a
fee.”

The
stolen
login
credentials
were
available
on
a
dark
web
website
that
specialized
in
the
purchase
and
sale
of
access
to
compromised
computers.
The
man
listed
the
credentials
of
more
than
35,000
compromised
computers
for
sale
and
according
to
the
investigators,
he
obtained
more
than
$350,000
in
illicit
proceeds
between
2016
and
2019.

The
list
of
the
Pankov’s
victims
includes
two
unnamed
law
firms
in
Middle
District
of
Florida.

If
convicted
on
all
counts,
the
Russian
nation
can
faces
a
maximum
penalty
of
47
years
in
federal
prison.

Follow
me
on
Twitter:


@securityaffairs
and


Facebook
and


Mastodon

Pierluigi Paganini

(SecurityAffairs –

hacking,
NLBrute)

Share
On

About Author

AndyC

Andy Curtis is an award-winning security consultant, researcher and public speaker. He has been working in the computer security industry since the early 1990s, having been employed by state and federal government, leading healthcare and banking providers across three continents. He has given talks about computer security for some of the world’s largest companies, worked with law enforcement agencies on investigations into hacking groups, and is a regular voice on TV and radio explaining IT security threats.

See author's posts