Three-year hunt nabs 'smiling hacker'

ATLANTA - US officials have described an Algerian national known as "the smiling hacker" after his arrest at Suvarnabhumi airport in January as a brain behind a worldwide cybercrime consortium that taught ordinary computer users how to rob banks online.

Hamza Bendelladj appeared in court in the US city of Atlanta after a three-year manhunt that ended in Bangkok.

He allegedly helped to head up sale and use of a powerful hacking software known as SpyEye.

Hamza Bendelladj of Algeria was arrested when he arrived at Suvarnabhumi airport in January, on an international warrant charging he had hacked private accounts in 217 banks and finance houses. (Bangkok Post photo by Somchai Poomlard)

Bendelladj, known for years in underground computer forums simply as Bx1, was accused in a 23-count indictment of crimes including computer and bank fraud. The charges, unsealed Saturday in Atlanta, stemmed from his alleged role in selling and supporting SpyEye, which allows hackers to hijack victims' bank accounts through their own home computers.

"Bendelladj's alleged criminal reach extended across international borders, directly into victims' homes," US Attorney Sally Quillian Yates in Atlanta said in a statement before his arraignment.

SpyEye, which can be purchased for as little as $2,000 (about 60,000 baht), helped turn hacking into an easy and lucrative occupation and drove a cybercrime boom that has drained tens of millions of dollars from bank accounts in the US and Europe, according to Brett Stone-Gross, a security expert at Dell SecureWorks in Atlanta.

The use of SpyEye has fallen off in the past year as law enforcement operations against the group have intensified, Stone-Gross said in an e-mail.

Bendelladj, 24, was extradited from Thailand at the request of US authorities after his arrest there on Jan 5.

Wearing a dress shirt and black athletic pants, he smiled frequently and chatted in the Atlanta courtroom, much as he chatted with reporters and photographers after his arrest at Suvarnabhumi. He said he didn't need an interpreter because he spoke fluent English.

Bendelladj was unable to enter a plea because his attorney, Damian Martinez, hadn't been approved yet to practice in Georgia. Martinez said after the hearing that his client would plead not guilty when he returns to court next week.

Prosecutors said Bendelladj is a flight risk and requested that he be held without bail.

Bendelladj, who according to the indictment also helped support hacking operations by providing servers to control the hijacked computers, is a close associate of SpyEye's creator, a shadowy hacker known by the nickname "gribodemon", according to security experts who helped track the group.

One expert who aided in the investigation said that Bendelladj's real identity was uncovered through a series of mistakes made by the hacker, including the use of two email addresses that led to his Facebook account.

The researcher recorded a 2011 conversation with Bendelladj in Asia, which helped the FBI confirm his identity. The security expert asked not to be named because Bendelladj's associates are still at large.

Prosecutors allege that Bendelladj sold the SpyEye hacking software, and also designed modules that enhanced its effectiveness.

The software can be customised to get around the security of specific banks' websites. Once a computer is infected with SpyEye, hackers can use it to take over online banking sessions and transfer money to accounts they control.

It can also be programmed to automatically steal passwords to e-commerce sites and scrape credit card numbers and expiration dates.

Related search: thailand, suvarnabhumi, spyeye, smiling hacker, algerian, Hamza Bendelladj, atlanta, 23 counts, banks, cybercrime,

About the author

Writer: Bloomberg News
Position: News agency