The alleged mastermind of the notorious SpyEye banking Trojan toolkit has pleaded guilty to conspiracy to commit fraud in a US court.
Russian programmer Aleksandr Panin was charged by US authorities after his controversial detention while on holiday in the Dominican Republic.
His lawyer said the island state never launched extradition proceedings, yet sent him Atlanta where he was arrested by US authorities.
Panin is believed to be the creator of the SpyEye toolkit which enables cyber criminals to automate the theft of credit card and bank details for use in fraud.
In 2011, research revealed that the UK was second only to the US on the hit list of cyber criminals targeting financial institutions using SpyEye.
Later that year, the source code of SpyEye was leaked, fueling speculation that one of the largest criminal malware families could become an even bigger threat.
When SpyEye emerged in late 2009, it immediately started to compete against users of the Zeus banking malware toolkits.
More on SpyEye
- With Spyeye, Zeus variants, cybercriminals up the ante
- SpyEye Trojan variant attacking Google Android smartphones
- Automation of SpyEye botnet raises the stakes for security
- UK second on SpyEye banking Trojan hit list, study shows
- SpyEye source code leaks could fuel new wave of attacks
- Cybercriminals using Amazon S3 to spread SpyEye toolkit
- Virgin Media the first ISP to warn customers of SpyEye trojan following tip-off from Soca
- Russian cybercriminal steals $3.2M from U.S. government with Zeus, SpyEye toolkit
- SpyEye toolkit owners wage battle with white hat website
Leaking the SpyEye source code gave security researchers valuable information about the techniques of the code writers, but it also opened the door for other cybercriminals to create new variants.
The Trojan’s success is largely due to it being designed to evade transaction monitoring systems, which rely on detecting abnormal behaviour, with frequent releases of new versions.
Prosecutors said the code, which is still in use, has infected more than 1.4 million PCs since its 2009 release, according to the BBC.
According to the FBI, SpyEye was used to compromise 10,000 bank accounts as recently as 2013 and one cyber criminal claimed to have used the malware to steal $3.2m in six months.
At its height, SpyEye sold for up to $8,000 on cyber criminal forums and could be customised to record keystrokes of victims, insert data-stealing fields into banking website pages and hijack computers.
Panin is "one of the pre-eminent cybercriminals that we've been able to apprehend and prosecute so far," said federal prosecutor John Horn.
Panin is due to be sentenced on 29 April.