BANGKOK – The mystery surrounding Hamza Bendelladj, dubbed the ”smiling hacker” has deepened, with prosecutors unable to say when he will appear in court and US officials refusing to specify what laws he has broken.
Hamza Bendelladj, 24, was arrested on Jan 6 while his plane was on the tarmac at Suvarnabumi airport.
Police said that Mr Bendelladj _ photographed grinning broadly following his arrest _ had hacked into private accounts in 217 banks and financial companies around the world, earning up to US$20 million (595.6 million baht) per transaction and amassing huge amounts in illicit earnings.
He was travelling with his family following a holiday in Malaysia en route to Cairo, Egypt. It is unclear why extradition to the US state of Georgia is being sought and which specific laws Mr Bendelladj is alleged to have broken.
Jenny Shearer, an FBI spokesperson in Washington, told the Bangkok Post Sunday only that Mr Bendelladj was not among the FBI’s Top 10 Most Wanted criminals. She said extraditions involve the Department of State and the Department of Justice, which often work with foreign countries through mutual legal assistance treaties.
It has been alleged that Mr Bendelladj operated under multiple handles and aliases including bx1, Daniel Hamza and Daniel Delcore. Some of those aliases were named in a 2012 legal suit by Microsoft seeking to discover the identities of 39 alleged ZeuS botmasters. The complaint was submitted to the US District Court for the Eastern District of New York _ making the extradition destination of Georgia curious.
Brian Krebs, an internet security expert and former Washington Post journalist, wrote on his blog that Mr Bendelladj had likely contacted him via Instant Messenger alias bx1 early last year: ”The Daniel I chatted with was proud of his work, and seemed to enjoy describing successful attacks. In one such conversation, dated January, 2012, bx1 bragged about breaking into the systems of a hacker who used the nickname Symlink and was renowned in the underground for writing complex, custom web injects for ZeuS and SpyEye users. Specifically, Symlink’s code was designed to automate money transfers out of victim banks to accounts that ZeuS and SpyEye botmasters controlled.”
Mr Krebs told the Bangkok Post Sunday he is unsure why bx1 would brag about his exploits to him.
”Perhaps he was hoping I would write a story about his exploits. Despite what many experts say _ that most criminal hackers seek riches over renown these days _ many of these individuals are extremely proud and have big egos, which sometimes leads them to welcome attention to their misdeeds.”
The type of bank hacking Mr Bendelladj is alleged to have committed, Mr Krebs pointed out, is unusual.
”It is unfortunately quite common these days even for novice miscreants to operate collections of hacked PCs, or ‘botnets’. For those who lack the skills and patience to build their own botnets, there are turnkey solutions sold in the underground that will set buyers up on their own servers and get the entire process running for the buyer.”
The arresting officer, Pol Maj Prot Sertakij from the Immigration Police at Suvarnabumi, said Mr Bendelladj was arrested for banking fraud and was now under the detention of the Criminal Court in Thailand.
”The arrest warrant was issued by the Criminal Court of Thailand,” he said. ”The arrest warrant specifically mentioned that bail is not allowed for Mr Bendelladj at the request of the US.”
Pol Maj Prot said Mr Bendelladj would have to go through the Thai court process before any ruling is made on extradition.
The prosecutor’s department of the Criminal Court could not say when Mr Bendelladj would appear in court next. However, a spokeswoman for the department said more charges would be laid against the Algerian.
Pol Maj Prot said Mr Bendelladj did not resist arrest. ”He just said goodbye to his family and followed us. Then his wife and daughter continued on their journey to Egypt without him.” – Ezra Kyrill Erker & Chaiyot Yongcharoenchai Bangkok Post