A hacker accused of developing the NLBrute hacking tool is convicted in Florida for using the tool "to build a criminal empire."
According to the US Department of State, Darius Pankov, also known as "dpxaker", created the NLBrute malware, which used brute-force attacks to crack Windows credentials on systems with an insecure RDP protocol. Pankov was arrested in Georgia 4 months ago and recently extradited to the US.
According to the case file, Pankov made hundreds of thousands of dollars between 2016 and 2019 by selling NLBrute to other attackers for $250 in bitcoin and allowing some of them to resell the tool.
He also, according to the documents, sold stolen credentials on the dark web so that cybercriminals could use them in further attacks. In total, Pankov sold login credentials to more than 35,000 computers around the world, earning more than $350,000. Two unnamed American law firms in Florida were mentioned among the compromised systems.
Pankov faces conspiracy, access device fraud and computer fraud charges that prosecutors say could land him in jail for up to 47 years. US authorities are also planning to seize $358,437 that they link to Pankov's crimes.
NLBrute was making a name for itself at a time when brute force attacks were on the rise. In 2018, NLBrute was one of the key tools in system breaches that used Microsoft's RDP protocol as a way to infiltrate vulnerable systems. NLBrute has also been associated with the REvil and Netwalker factions.