NLBrute Malware Developer Pleads Guilty
The Russian man accused of creating, using, and selling NLBrute, a brute-forcing tool, has pleaded guilty.
According to court documents, from at least June 2016 to January 2019, 28-year-old Dariy Pankov also known as "dpxaker" used NLBrute, a brute-forcing tool to acquire the login credentials of thousands of computers worldwide. He also sold NLBrute to other cybercriminals and allowed his accomplices to sell it on his behalf for a fee.
Pankov sold the tens of thousands of login credentials he acquired from the use of NLBrute through an undisclosed dark web marketplace.
An undercover agent reportedly purchased the login credentials of a Florida law firm from Pankov via the marketplace for $50 in January 2018. A few months later, in June, the undercover agent purchased the credentials of yet another Florida law firm from Pankov for $19.
Pankov listed the credentials of more than 35,000 compromised computers for sale on the market. He made more than $350,000 from the sale of the stolen credentials via the market.
Pankov was arrested in Georgia on October 4, 2022, and extradited to the United States. He was charged in a seven-count indictment filed in April 2019.
He pleaded guilty to conspiracy to commit access device fraud and computer fraud on September 14, 2023. As part of the plea agreement, Pankov agreed to forfeit $358,437. He faces a maximum penalty of five years in federal prison.
Dariy Pankov
According to court documents, from at least June 2016 to January 2019, 28-year-old Dariy Pankov also known as "dpxaker" used NLBrute, a brute-forcing tool to acquire the login credentials of thousands of computers worldwide. He also sold NLBrute to other cybercriminals and allowed his accomplices to sell it on his behalf for a fee.
Pankov sold the tens of thousands of login credentials he acquired from the use of NLBrute through an undisclosed dark web marketplace.
An undercover agent reportedly purchased the login credentials of a Florida law firm from Pankov via the marketplace for $50 in January 2018. A few months later, in June, the undercover agent purchased the credentials of yet another Florida law firm from Pankov for $19.
Pankov listed the credentials of more than 35,000 compromised computers for sale on the market. He made more than $350,000 from the sale of the stolen credentials via the market.
Pankov was arrested in Georgia on October 4, 2022, and extradited to the United States. He was charged in a seven-count indictment filed in April 2019.
He pleaded guilty to conspiracy to commit access device fraud and computer fraud on September 14, 2023. As part of the plea agreement, Pankov agreed to forfeit $358,437. He faces a maximum penalty of five years in federal prison.
