Since researching and writing about NSO Pegasus and Phantom, I have been watching for hacking developments. I came up with this.
It’s a big deal that the US takes down a key Russian hacker who was very elusive and difficult to track down and has been stealing millions of dollars over a ten-year period.
His hacking days are over and he is now facing a lengthy prison sentence in the US.
- The Justice Department recently captured a notorious Russian cybercriminal in his home country. They announced that Dariy Panko, 28 a Russian man accused of creating and selling a hacking tool that was used to steal login information from tens of thousands of computers worldwide, has been arrested in the Republic of Georgia and has been extradited and sent to the US for trial. According to prosecutors, Panko is accused of promoting access to over 35,000 computers and making more than $350,000 from illegal sales. This allowed cybercriminals to carry out ransomware attacks and tax fraud. Panko was arrested in October 2022 and recently extradited to the United States for trial in Tampa, FL, the scene of some of his crimes.
- BACKGROUND Dariy Pankov is a notorious Russian hacker who is believed to be behind some of the biggest cyber-attacks in recent years. He has been active in the hacking community for over a decade and has gained a reputation as one of the world’s most skilled and elusive hackers. Pankov’s activities have been linked to various cybercriminal groups, including the Carbanak and Cobalt groups. These groups are responsible for stealing millions of dollars from banks and financial institutions worldwide. Pankov is believed to have played a vital role in the Carbanak group’s over $1 billion theft from banks in more than 30 countries. One of the key tactics used by Pankov and his associates is a technique known as “spear phishing.” This involves sending carefully crafted emails to targeted individuals within a company or organization to trick them into divulging sensitive information or downloading malware. Pankov and his associates are experts at creating convincing emails that look like they come from legitimate sources, such as a company’s IT department or a trusted business partner. Another technique Pankov and his associates used was creating sophisticated malware specifically designed to evade detection by antivirus software. One such malware is “Anunak,” which was used in the Carbanak group’s attacks on financial institutions. Anunak could infect a victim’s computer and then remain undetected for extended periods, allowing the hackers to steal sensitive data without being detected. Pankov has also been linked to various other cybercriminal activities, including stealing credit card information and selling stolen data on the dark web. He is known to be a skilled programmer and is believed to have developed his hacking tools and malware.
- He is known to be extremely careful about his online activities, covering his tracks and avoiding detection by law enforcement agencies – until now. One of the most notable examples of Pankov’s activities was the theft of $10 million from a Ukrainian bank in 2018. Pankov and his associates used spear phishing emails to access the bank’s internal systems, allowing them to transfer funds to accounts under their control. The attack was highly sophisticated and involved the creation of fake employee accounts and manipulating the bank’s transaction logs to cover their tracks. Another example of Pankov’s activities was the theft of $13.5 million from Cosmos Bank in India in 2018. The attack involved the use of malware that was specifically designed to target the bank’s ATM network. The hackers could withdraw large sums of cash from ATMs in more than two dozen countries, causing significant financial losses for the bank. Pankov has also been linked to other cyber-attacks, including the theft of$45 million from ATMs in Japan in 2016 and $1.2 million from a Russian bank in 2017. In all of these cases, Pankov and his associates could gain access to sensitive systems and steal large amounts of money without being detected. Overall, Dariy Pankov was a highly skilled and dangerous hacker responsible for some of the most significant cyber-attacks in recent years. Now he is in US custody, his hacking days are over, and he faces a lengthy prison sentence.
- Copyright ©Richard Murch 2023