ATLANTA – Hamza Bendelladj, an Algerian national extradited from Thailand, has been charged in the US with developing and selling “SpyEye,” malicious software that authorities allege has been used to steal millions of dollars from bank accounts.
Bendelladj, known for years in underground computer forums simply as Bx1, was accused in a 23-count indictment of crimes including computer and bank fraud.
The charges, unsealed on Friday, stem from his role in selling and supporting SpyEye, which allows hackers to hijack victims’ bank accounts through their own computers.
Bendelladj’s alleged criminal reach extended across international borders, directly into victims’ homes, US Attorney Sally Quillian Yates said in a statement before his arraignment in Atlanta on Friday.
SpyEye, which can be purchased for as little as $2,000, helped turn hacking into an easy and lucrative occupation and drove a cybercrime boom that has drained tens of millions of dollars from bank accounts in the US and Europe, according to Brett Stone-Gross, a security expert at Dell SecureWorks in Atlanta.
The use of SpyEye has fallen off in the past year as law enforcement operations against the group have intensified, Stone-Gross said.
Bendelladj, 24, was extradited from Thailand at the request of US authorities after his arrest at Suvarnabhumi Airport in Bangkok on Jan 5.
Wearing a dress shirt and black athletic pants, he smiled frequently and chatted in the courtroom. He said he didn’t need an interpreter because he spoke fluent English.
Bendelladj was unable to enter a plea because his lawyer, Damian Martinez, has not been approved yet to practise in Georgia. Martinez said after the hearing that his client would plead not guilty when he returns to court next week.
Prosecutors said Bendelladj was a flight risk and requested that he be held without bail.
Bendelladj, who according to the indictment also helped support hacking operations by providing servers to control the hijacked computers, is a close associate of SpyEye’s creator, a shadowy hacker known by the nickname “gribodemon”, according to security experts who helped track the group.
One expert who aided in the investigation said that Bendelladj’s real identity was uncovered through a series of mistakes made by the hacker, including the use of two e-mail addresses that led to his Facebook account.
The researcher recorded a 2011 conversation with Bendelladj in Asia, which helped the FBI confirm his identity. The security expert asked not to be named because Bendelladj’s associates are still at large.
Prosecutors allege that Bendelladj sold the SpyEye hacking software and also designed modules that enhanced its effectiveness.
The software can be customised to get around the security of specific banks’ websites.
Once a computer is infected with SpyEye, hackers can use it to take over online banking sessions and transfer money to accounts they control.
It can also be programmed to automatically steal passwords to e-commerce sites and “scrape” credit card numbers and expiration dates.