Hamza Bendelladj Extradited from Thailand to Face the Alleged Federal Cyber Crime Charges in Atlanta for SpyEye Virus

May 3, 2013

The Federal Bureau of Investigation (FBI) on May 3, 2013 released the following:

Algerian National Extradited from Thailand to Face Federal Cyber Crime Charges in Atlanta for SpyEye Virus

“ATLANTA— Hamza Bendelladj, an Algerian national also known as Bx1, will be arraigned on federal cyber crime charges for his role in developing, marketing, distributing, and operating the malicious computer virus SpyEye.

“No violence or coercion was used to accomplish this scheme, just a computer and an Internet connection,” said United States Attorney Sally Quillian Yates. “Bendelladj’s alleged criminal reach extended across international borders, directly into victims’ homes. In a cyber netherworld, he allegedly commercialized the wholesale theft of financial and personal information through this virus which he sold to other cyber criminals. Cyber criminals, take note—we will find you. This arrest and extradition demonstrates our determination to bring you to justice.”

“Hamza Bendelladj has been extradited to the United States to face charges of controlling and selling a nefarious computer virus designed to pry into computers and extract personal financial information,” said Acting Assistant Attorney General Mythili Raman. “The indictment charges Bendelladj and his co-conspirators with operating servers designed to control the personal computers of unsuspecting individuals and aggressively marketing their virus to other international cybercriminals intent on stealing sensitive information. The extradition of Bendelladj to face charges in the United States demonstrates our steadfast determination to bring cyber criminals to justice, no matter where they operate.”

“The FBI has expanded its international partnerships to allow for such extraditions of criminals who know no borders,” stated Mark F. Giuliano, Special Agent in Charge, FBI Atlanta Field Office. “The federal indictment and extradition of Bendelladj should send a very clear message to those international cyber criminals who feel safe behind their computers in foreign lands that they are, in fact, within reach.”

Bendelladj, 24, was indicted by a federal grand jury in Atlanta, Georgia on December 20, 2011. The 23-count indictment charges him with one count of conspiring to commit wire and bank fraud, 10 counts of wire fraud, one count of conspiracy to commit computer fraud, and 11 counts of computer fraud. Bendelladj was apprehended at Suvarnabhumi Airport in Bangkok, Thailand, on January 5, 2013, while he was in transit from Malaysia to Egypt. The indictment was unsealed on May 1, 2013. Bendelladj was extradited from Thailand to the United States on May 2, 2013, and was arraigned in United States District Court before United States Magistrate Judge Janet F. King.

According to court documents, the SpyEye virus is malicious computer code, or malware, which is designed to automate the theft of confidential personal and financial information, such as online banking credentials, credit card information, usernames, passwords, PINs, and other personally identifying information. The SpyEye virus facilitates this theft of information by secretly infecting victims’ computers, enabling cyber criminals to remotely control the computers through command and control (C&C) servers. Once a computer is infected and under the cyber criminals’ control, a victim’s personal and financial information can be surreptitiously collected using techniques such as “web injects,” which allow cyber criminals to alter the display of webpages in the victim’s browser in order to trick them into divulging personal information related to their financial accounts. The financial data is then transmitted to the cyber criminals’ C&C servers, where criminals use it to steal money from the victims’ financial accounts.

The indictment alleges that from 2009 to 2011, Bendelladj and others developed, marketed, and sold various versions of the SpyEye virus and component parts on the Internet and allowed cyber criminals to customize their purchases to include tailor-made methods of obtaining victims’ personal and financial information. Bendelladj allegedly advertised the SpyEye virus on Internet forums devoted to cyber crime and other criminal activities. In addition, Bendelladj allegedly operated C&C servers, including a server located in the Northern District of Georgia, which controlled computers infected with the SpyEye virus. One of the files on Bendelladj’s C&C server in the Northern District of Georgia allegedly contained information from approximately 253 unique financial institutions.

If convicted, Bendelladj faces a maximum sentence of up to 30 years in prison for conspiracy to commit wire and bank fraud; up to 20 years for each wire fraud count; up to five years for conspiracy to commit computer fraud; up to five or 10 years for each count of computer fraud; and fines of up to $14 million.

Members of the public are reminded that the indictment contains only allegations. A defendant is presumed innocent of the charges, and it will be the government’s burden to prove a defendant’s guilt beyond a reasonable doubt at trial.

This case is being investigated by special agents of the Federal Bureau of Investigation.

Special Assistant United States Attorney Nicholas Oldham and Assistant United States Attorney Scott Ferber of the Northern District of Georgia and Trial Attorney Carol Sipperly of the Criminal Division’s Computer Crime and Intellectual Property Section are prosecuting the case. Valuable assistance was provided by the Criminal Division’s Office of International Affairs, which worked with its international counterparts to effect the extradition.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
International Extradition Lawyers Videos:

International Extradition – When the FBI Seeks Extradition

International Extradition – Wire Transfer – Email – Telephone Call

————————————————————–

We previously discussed the extradition treaty between the United States and Thailand here.

————————————————————–

To find additional global criminal news, please read The Global Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition Defense, OFAC SDN Sanctions Removal, International Criminal Court Defense, and US Seizure of Non-Resident, Foreign-Owned Assets. Because we have experience dealing with INTERPOL, our firm understands the inter-relationship that INTERPOL’s “Red Notice” brings to this equation.

The author of this blog is Douglas C. McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.

————————————————————–

International criminal defense questions, but want to be anonymous?

Free Skype Tel: +1.202.470.3427, OR

Free Skype call:

           Office Locations

Email:


Manhattan U.S. Attorney and FBI Assistant Director in Charge Announce Extradition of Russian Citizen to Face Charges for International Cyber Crimes

January 17, 2012

The Federal Bureau of Investigation (FBI) on January 17, 2012 released the following:

“Nine-Count Indictment Charges Defendants with Stealing Personal and Financial Information and Stock Market Manipulation

Preet Bharara, the United States Attorney for the Southern District of New York, and Janice K. Fedarcyk, the Assistant Director in Charge of the New York Office of the Federal Bureau of Investigation (“FBI”), announced today the unsealing of a nine-count indictment charging VLADIMIR ZDOROVENIN and his son, KIRILL ZDOROVENIN, two Russian citizens, with conspiracy, mail fraud, wire fraud, computer fraud, aggravated identity theft, and securities fraud. They were indicted under seal in May 2007. VLADIMIR ZDOROVENIN was apprehended on March 27, 2011, in Zurich, Switzerland, and arrived in New York yesterday following his extradition by Swiss authorities. He will be presented and arraigned before U.S. Magistrate Judge Gabriel W. Gorenstein in Manhattan federal court later today. KIRILL ZDOROVENIN remains at large.

Manhattan U.S. Attorney Preet Bharara said: “Cyber crime is a pandemic that makes geography meaningless. From far away, with the click of a mouse, the cyber criminal can victimize millions of people in the U.S. As alleged, Vladimir Zdorovenin and his son did exactly that; they engaged in serial cyber crimes in Russia that targeted Americans and wrought havoc with their personal and financial information, using it to make phony purchases and to manipulate stock prices. As the unsealing of today’s Indictment demonstrates, we will reach out across the globe, and wait as long as it takes to bring cyber criminals to justice.”

FBI Assistant Director in Charge Janice K. Fedarcyk stated: “Mr. Zdorovenin’s egregious behavior illustrated the true colors of the cyber underground, as he and his son allegedly defrauded consumers of hundreds of thousands of dollars using methods that included compromised credit cards, all fronted through fictitious companies they had created. In addition, Zdorovenin allegedly installed malware to access victims’ brokerage accounts, trading victims’ securities and manipulating the price of stocks Zdorovenin already owned. This should serve as a stark reminder to anyone who believes he can commit cyber crime and hide behind the safety and anonymity of a Russian IP address; you are not beyond the reach of the FBI.”

According to the indictment unsealed today in Manhattan federal court:

At various times between 2004 and 2005, VLADIMIR ZDOROVENIN and his son KIRILL ZDOROVENIN allegedly engaged in a series of crimes in Russia that victimized citizens of the United States through the use of stolen credit card information, multiple phony websites, and bank accounts in Russia and Latvia. Specifically, the indictment alleges that the ZDOROVENINs stole victims’ personal identification information, including credit card numbers, through the use of computer programs that were surreptitiously installed on victims’ computers and that recorded the information as it was entered. The ZDOROVENINs also allegedly purchased stolen credit card numbers from other individuals, and used the stolen credit card information to make what appeared to be legitimate purchases of goods from various Internet businesses that they ran. However, as alleged, the purchases were fraudulent and were used as a means of deceiving banks, credit card service processors, credit card holders, and others, thereby enabling the ZDOROVENINS to steal the money they directed to their websites.

Additionally, as alleged in the indictment, the ZDOROVENINs, used the Internet to unlawfully access the financial services accounts of victims located in the United States and then transferred or attempted to transfer hundreds of thousands of dollars from those accounts to bank accounts under the ZDOROVENINs’ control. Finally, the Indictment charges that after taking over victims’ online brokerage accounts, the ZDOROVENINs bought and sold thousands of shares of certain companies’ stock in an effort to manipulate the prices of those stocks. The ZDOROVENINs allegedly realized profits through this scheme by simultaneously purchasing or selling shares of the same stocks through their own online brokerage account, maintained in the name of Rim Investment Management, Ltd.

* * *

VLADIMIR ZDOROVENIN, 54, of Moscow, Russia, faces a maximum sentence of 142 years in prison in connection with the charges in the indictment. The case has been assigned to U.S. District Judge Paul G. Gardephe.

Mr. Bharara praised the outstanding investigative work of the FBI. He also thanked the Office of International Affairs in the U.S. Department of Justice’s Criminal Division for its assistance with the extradition.

This case is being handled by the Office’s Complex Frauds Unit. Assistant U.S. Attorneys James J. Pastore, Jr. and Thomas G.A. Brown are in charge of the prosecution.

The charge and allegations contained in the Indictment are merely accusations, and the defendants are presumed innocent unless and until proven guilty.”

————————————————————–

Douglas McNabb – McNabb Associates, P.C.’s
International Extradition Lawyers Videos:

International Extradition – When the FBI Seeks Extradition

International Extradition – Wire Transfer – Email – Telephone Call

————————————————————–

To find additional global criminal news, please read The Global Criminal Defense Daily.

Douglas McNabb and other members of the U.S. law firm practice and write and/or report extensively on matters involving Federal Criminal Defense, INTERPOL Red Notice Removal, International Extradition and OFAC SDN Sanctions Removal.

The author of this blog is Douglas McNabb. Please feel free to contact him directly at mcnabb@mcnabbassociates.com or at one of the offices listed above.