Extradited Russian Hacker Behind ‘NLBrute’ Malware Pleads Guilty

Russian hacker Dariy Pankov has pleaded guilty to computer fraud and now faces a maximum penalty of five years in federal prison, according to an announcement from the U.S. Attorney’s Office.

Pankov, who was extradited from the Eastern European country of Georgia earlier this year, was charged with developing and selling a piece of malware called NLBrute that was used in cybercriminal activities.

As part of a plea deal, the government said Pankov will forfeit $358,437, the proceeds of the charged criminal conduct.

According to the Justice Department, Pankov made at least $350,000 from cybercrime activities between 2016 and 2019. He is believed to have developed and sold NLBrute, a tool that has been widely used by cybercriminals to obtain credentials.

Pankov was charged with using NLBrute to obtain the login credentials of tens of thousands of computers located all over the world. 

“He marketed and sold, and had others sell on his behalf, NLBrute to other cybercriminals for a fee. Pankov sold the stolen login credentials on a dark web website that specialized in the purchase and sale of access to compromised computers. Once sold, those credentials were used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud,” the U.S. Attorney’s Office said.

According to the charges, Pankov listed the credentials of more than 35,000 compromised computers for sale on the website, and obtained more than $350,000 in illicit proceeds.

Pankov, a Russian citizen, was taken into custody in the Republic of Georgia on October 4, 2022, and extradited to the United States soon after.

Related: Russian Businessman Guilty in Insider Trade Scheme

Related: Russian Arrested in Canada Over LockBit Ransomware

Related: Russian Extradited to US for Laundering Ryuk Money

Related: Accused NLBrute Malware Developer Extradited to US