SpyEye – the Smiling Hacker – is extradited to US to face charges

The US Justice Department said Hamza Bendelladj, 24, who was known by his alias “Bx1,” an Algerian sought in connection with the computer malware designed to compromise personal identity and financial information, such as online banking credentials, credit card details, usernames, passwords and other personally identifiable information, would face charges in federal court in Atlanta, GA.  The Algerian also allegedly operated a server out of Georgia, USA, controlling computers infected with the SpyEye malware.

Bendelladj was initially charged in a 23-count indictment that was returned on December 20, 2011, and unsealed Friday, including charges of wire fraud, computer fraud and conspiracy: Bendelladj was allegedly involved in in development, marketing, distribution and sales of several versions of the SpyEye computer virus and its component parts online during 2009, 2010 and 2011.

When Bendelladj was arrested at the Airport in Bangkok earlier this year, Hamza kept smiling – receiving an additional nickname, “a smiling hacker”.

He was extradited from Thailand to the US last Thursday “to face charges of controlling and selling a nefarious computer virus designed to pry into computers and extract personal financial information,” said Acting Assistant Attorney General Mythili Raman . “The indictment charges Bendelladj and his co-conspirators with operating servers designed to control the personal computers of unsuspecting individuals and aggressively marketing their virus to other international cyber-criminals intent on stealing sensitive information.” (quote source: Department of Justice, Office of Public Affairs, Press Release:
International Cybercriminal Extradited from Thailand to the United States, Friday, May 3, 2013)

The names of others accused co-conspirators in the same indictment are not disclosed by officials at this time.

What can you do to protect your business from getting hacked?

Derived from Q&A session with cyber crime expert Tim Francis, these specific risk management strategies are good to follow:

  1.  Train all of your employees to secure and guard sensitive information
  2. Ensure your network systems have adequate and up-to-date firewall and antivirus technology.
  3. Ensure security software patches are updated as soon as they become available.
  4. Monitor the use of BYOD and other mobile devices and public Wi-Fi access for all members of your workforce.
  5. Have proper cybersecurity policies and make sure they are enforced.
  6. Create a cyber event management plan, and practice it as you would a a fire drill.

If your business needs assistance with protecting your data and technology, identifying your computer network’s vulnerabilities, regular support and monitoring, as well as with  implementation of these strategies, please give our office a call at (855) 551-7760.  We have been providing computer services, Managed IT, business disaster recovery and backup service for  New Jersey and New York area businesses since 1996.


How is your state of IT? Call Us: (855) 551-7760 with any questions.