Court for Algerian hacker on FBI most-wanted list
Hamza Bendelladj accused of ties to SpyEye consortium; faces 23-count indictment
An Algerian national has appeared in court in the US, accused of affiliation with a cyber criminal group credited with fuelling a boom in cyber crime through the notorious SpyEye trojan.
A three-year hunt for Hamza Bendelladj, who went by the online alias Bx1, culminated in his arrest in a Bangkok airport on 5 January. Extradition proceedings followed and the 24 year old was transferred to US authorities for trial in Atlanta, Georgia , Reuters reported.
By the time of his arrest Bendelladj was on the FBI's top-ten wanted list for allegedly hacking private accounts in 217 banks and financial companies worldwide. He reportedly faces an indictment of 23 counts of cyber crimes, including bank fraud.
The SpyEye suite, sold in underground markets for prices starting at $2,000, allows the recording of keystrokes and the stealthy gathering of network traffic data, once deposited on a machine through Web exploit kits. It is then used to steal information in order to compromise banks' account security measures.
The trojan's creator, known only as gribodemon, is thought to be a close associate of Bendelladj, while Bendelladj himself is accused of supporting the command and control infrastructure (C&C) necessary for the malware's operation. The Algerian is also accused of selling the SpyEye software.
"Bendelladj's alleged criminal reach extended across international borders, directly into victims' homes," said US Attorney Sally Quillian Yates in Atlanta.
Users of SpyEye are alleged to have siphoned off tens of millions of dollars from bank accounts in the US and Europe, according to Brett Stone-Gross, a security expert at Dell SecureWorks in Atlanta, who added that use of the SpyEye kit has lessened since law enforcement officials have begun to put pressure on the group.
Bendelladj's gave away his real identity following a number of errors, including the use of two e-mail addresses that led to his Facebook account, according to an unnamed source close to the investigation.