Security Experts:

Algerian Sought for SpyEye Malware Extradited to US

WASHINGTON - An Algerian sought in connection with the "SpyEye" computer virus designed to steal financial and personal information was extradited by Thailand to the United States to face charges, officials said Friday.

The US Justice Department said Hamza Bendelladj, known by his alias "Bx1," would face charges in federal court in Atlanta, Georgia, for his role in developing, marketing and distributing the malware.

Bendelladj, 24, was charged in a 23-count indictment that was returned on December 20, 2011, and unsealed Friday, including charges of wire fraud, computer fraud and conspiracy.

Officials said Bendelladj was arrested January 5 at Suvarnabhumi Airport in Bangkok, while he was in transit from Malaysia to Egypt. He was extradited from Thailand on Thursday.

"Hamza Bendelladj has been extradited to the United States to face charges of controlling and selling a nefarious computer virus designed to pry into computers and extract personal financial information," said Acting Assistant Attorney General Mythili Raman.

"The indictment charges Bendelladj and his co-conspirators with operating servers designed to control the personal computers of unsuspecting individuals and aggressively marketing their virus to other international cybercriminals intent on stealing sensitive information."

According to court documents, SpyEye was designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords and other personally identifying information.

Bendelladj and others are accused of having developed, marketed and sold various versions of the SpyEye virus and component parts online from 2009 to 2001.

The Algerian also allegedly operated a server located in the state of Georgia, which controlled computers infected with the SpyEye virus.

The names of others accused in the same indictment were not disclosed in a redacted document released by officials.

Subscribe to the SecurityWeek Email Briefing
view counter