Tampa, Florida – Dariy Pankov, also known as “dpxaker,” has been taken into custody, and United States Attorney Roger B. Handberg has made the announcement. Pankov is being investigated for conspiracy, fraud using access devices, and computer fraud. Should he be found guilty on all charges, he may be sentenced to a maximum of 47 years in a federal prison. In addition, the indictment serves as notice to Pankov that the United States government seeks to seize and forfeit the sum of $358,437, which is believed to be derived from the profits of the crimes. On October 4, 2022, Georgian officials in the Republic of Georgia apprehended Pankov, a citizen and resident of Russia. Pankov was later extradited to the United States in response to a request from the United States. On February 21, 2023, in Tampa, Florida, Pankov appeared in front of United States Magistrate Christopher P. Tuite, who issued a warrant for Pankov’s arrest until the outcome of his trial.
According to the indictment, Pankov was responsible for creating a piece of malicious software known as “NLBrute.” Deciphering login credentials like passwords was one of the powerful malware’s capabilities, which allowed it to compromise otherwise secure machines. Pankov was able to get the login credentials for tens of thousands of machines located in different parts of the globe by making use of NLBrute. He advertised NLBrute to other online criminals, sold it to them himself, and paid other people to sell it on his behalf. On a website on the dark web that specialized in the acquisition and selling of access to infected systems, Pankov sold the stolen login credentials that he had obtained.
After being sold, those credentials were then used to assist a broad variety of illicit behavior, including fraud involving taxes and ransomware attacks. Pankov gained more than $350,000 in illegal gains from the website by selling the login credentials of more than 35,000 infected machines, which he offered for sale on the website.
Information security specialist, currently working as risk infrastructure specialist & investigator.
15 years of experience in risk and control process, security audit support, business continuity design and support, workgroup management and information security standards.
