United States v. Aleksandr Andreevich Panin, a/k/a Harderman, a/k/a Gribodemon, and Hamza Bendelladj, a/k/a Bx1

SpyEye is a sophisticated malicious computer code designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information. SpyEye facilitates this theft of information by secretly infecting victims’ computers, enabling cyber criminals to remotely control the infected computers (or bots) through command and control (C2) servers. Once the victims’ computers are infected and under control, cyber criminals remotely access the infected computers, without authorization, and steal the victims’ personal and financial information through a variety of techniques, including web injects, keystroke loggers, and credit card grabbers. The victims’ stolen personal and financial data is then surreptitiously transmitted to C2 servers, where it is used to steal money from the victims’ financial accounts. Until dismantled, SpyEye was the preeminent malware banking Trojan from 2010-2012.