1 min read

Russian Malware Developer Behind ‘NLBrute’ Faces Five Years in Prison


September 19, 2023

Promo Protect all your devices, without slowing them down.
Free 30-day trial
Russian Malware Developer Behind ‘NLBrute’ Faces Five Years in Prison

A Russian national extradited to the US from the country of Georgia is about to spend five years behind bars after pleading guilty to developing and selling malware used in various cybercrimes.

28-year-old Dariy Pankov, aka dpxaker, was extradited last year to the United States from the Eastern European nation, charged with developing and selling NLBrute, a piece of malware designed to enable various illicit activities.

NLBrute debuted in 2016 on cybercrime forums, selling for US$250. It enabled brute-forcing RDP credentials at scale over the years, making it a popular tool among ransomware actors, tax fraudsters and others.

According to his plea agreement, Pankov admitted to developing the powerful malware, described as “capable of compromising protected computers by decrypting login credentials, such as passwords.”

Pankov allegedly used NLBrute to obtain the login credentials of tens of thousands of computers around the world.  He sold the stolen login credentials on the dark web on forums and websites specialized in the purchase and sale of access to compromised computers.

“Once sold, those credentials were used to facilitate a wide range of illegal activity, including ransomware attacks and tax fraud,” according to the US Department of Justice. “Pankov listed the credentials of more than 35,000 compromised computers for sale on the website, and obtained more than $350,000 in illicit proceeds.”

The man also marketed and sold NLBrute to other cybercriminals for a fee, and had others sell on his behalf as well.

Pankov faces up to five years in prison after pleading guilty to conspiracy to commit access device fraud and computer fraud. Pankov has also agreed to forfeit $358,437, the proceeds of the charged criminal conduct. The sentencing date has yet to be set.

NLBrute has lost its popularity in recent times, but cracked versions of the malware can still be found in the wild.




Filip has 15 years of experience in technology journalism. In recent years, he has turned his focus to cybersecurity in his role as Information Security Analyst at Bitdefender.

View all posts

You might also like