Two computer hackers were sentenced to a combined total of 24 years and six months in prison for their roles in developing and distributing malware called “SpyEye” blamed for hundreds of millions of dollars in losses to financial institutions worldwide, the U.S. Justice Department said on Wednesday.
A U.S. District Court judge in Atlanta handed down prison sentences of nine and a half years to Aleksandr Panin, 27, of Russia and 15 years to Hamza Bendelladj, 27, of Algeria, the department said in a statement.
“Until dismantled by the FBI, SpyEye was the preeminent malware banking Trojan from 2010-2012, used by a global syndicate of cybercriminals to infect over 50 million computers, causing close to $1 billion in financial harm to individuals and financial institutions around the globe,” the statement said.
Following indictments of the pair by a Georgia grand jury in 2011, Panin, SpyEye’s primary developer, was arrested at an Atlanta airport in 2013 and pleaded guilty in January 2014 to the 23 charges in the indictment, including wire fraud and bank fraud, the Justice Department said.
Bendelladj was arrested in Thailand in January 2013 and extradited later that year to the United States, where in June 2015 he also pleaded guilty to all 23 counts in the indictment, it said.
“Bendelladj transmitted over one million spam emails containing strains of SpyEye and related malware to computers in the United States, yielding hundreds of thousands of infected computers,” the statement said.
FBI agents investigating the case were helped by private industry, including Microsoft and Trend Micro, and 26 international law enforcement agencies, it said.