A Russian malware developer accused of creating and selling password cracking tool NLBrute has been extradited to the United States after being arrested in the Republic of Georgia last year on October 4.

Also known as the dpxaker, Dariy Pankov is now charged with access device fraud and computer fraud and faces a maximum sentence of 47 years in federal prison if convicted on all counts.

“The powerful malware was able to compromise protected computers by decrypting login credentials, such as passwords,” the Justice Department said. said in a statement Wednesday.

“Pankov used NLBrute to obtain login credentials for tens of thousands of computers located around the world. He marketed, sold, and caused NLBrute to be sold on his behalf to other cybercriminals for a fee.”

The suspect also sold credentials he had stolen from his victims on a dark web marketplace where cybercriminals sold access to compromised devices and networks.

Those who purchased the stolen login credentials used them in various malicious campaigns, ranging from tax evasion to ransomware attacks.

At least $350,000 raised from selling stolen credentials

Investigators were able to trace $358,437 withdrawn by Pankov from the illegal market between August 2016 and January 2019, obtained by selling access to hacked computers.

According to chargeamong the tens of thousands of stolen credentials he offered for sale, the defendant also sold the login credentials of a law firm in the Middle District of Florida to an undercover law enforcement officer for $19.25 on June 15, 2018.

NLBrute has also been used by threat actors linked to several Ransomware-as-a-Service (RaaS) operations, including REvil, DharmaAnd netwalkerto brute force victims’ Remote Desktop Protocol (RDP) servers and further compromise their networks.

Last week, the Ministry of Justice announced that Russian national Vladislav Klyushin had been convicted of his involvement in a hacking scheme that led to $90 million in illegal profits through corporate actions based on non-public information stolen from US networks.

In January, the Russian founder of the Hong Kong-registered cryptocurrency exchange, Bitzlato, was also arrested and charged help cybercriminals launder illegally obtained money.