"Russian Accused of Developing NLBrute Malware Extradited to US"

A Russian national accused of developing a piece of malware named NLBrute has recently been extradited to the United States from the Eastern European country of Georgia.  The suspect, Dariy Pankov, aka dpxaker, was extradited from Georgia in October 2022, and he appeared before a US judge this week.  It is unclear for how long he had been in Georgia before being detained, but more than 100,000 Russians reportedly fled to the neighboring country last year, often in an effort to avoid being drafted into Russia’s armed forces as the country wages its war against Ukraine.   According to the Department of Justice (DoJ), Pankov has been charged with computer fraud, conspiracy, and access device fraud and faces up to 47 years in prison.  The man will remain in custody during his trial.  The DoJ stated that Pankov made at least $350,000 from cybercrime activities between 2016 and 2019.  He is believed to have developed and sold NLBrute, a tool that has been widely used by cybercriminals to obtain credentials.  The tool is designed for brute-forcing RDP credentials, and at one point, it was used in tandem with a botnet in an effort to distribute the brute-forcing process.  The DoJ noted that Pankov used the malware to obtain login credentials for tens of thousands of computers worldwide and offered to sell 35,000 credentials on a cybercrime forum.  Two law firms in Florida are mentioned as victims in the indictment, but they have not been named.  In addition to the Pankov extradition, the DoJ announced this week that two men from Maryland have been sentenced to a combined 14 years in prison for laundering money as part of a business email compromise (BEC) scheme.

SecurityWeek reports: "Russian Accused of Developing NLBrute Malware Extradited to US"