A Russian national named Dariy Pankov, also known as “dpxaker,” has recently made his first court appearance in Florida. He is facing criminal charges for creating the NLBrute brute-force hacking tool, which was allegedly used to hack into improperly secured Remote Desktop Protocol (RDP) systems to spawn a criminal empire.
The US Department of Justice accused Pankov of making hundreds of thousands of dollars by selling the NLBrute tool to other criminals and allowing some to resell it. He also sold stolen login credentials on a dark web marketplace for further attacks. Pankov put more than 35,000 compromised systems’ credentials up for sale, generating over $350,000 in profit for himself.
The US Attorney’s Office for the Middle District of Florida alleges that Pankov could face up to 47 years in prison if found guilty of conspiracy, access device fraud, and computer fraud charges. US authorities are also planning to seize $358,437, which they have linked to Pankov’s offenses. Pankov is currently being held at Pinellas County Jail near Tampa until his trial.
Background on NLBrute Hacking Tool
According to the indictment handed up in April 2019, Pankov created NLBrute in 2016 and began working with unnamed people to sell the tool on the dark web for $250 in Bitcoin. Pankov advertised the tool in June 2016 and two months later told a conspirator that he had the login credentials to 3,000 computers in the US, UK, France, Italy, and Australia and could get more. In November 2016, Pankov allegedly allowed a conspirator to sell NLBrute on an online hacking forum.
NLBrute has been linked to ransomware groups like REvil and Netwalker, and was a key tool in ransomware attacks in 2017 that used Microsoft’s RDP as a way into vulnerable systems, according to Sophos researchers.
NLBrute was also mentioned in a 2018 report by McAfee about the growth of “RDP shops” on the dark web, which sold access to compromised systems for as little as $10 each. Miscreants used NLBrute and other brute-force tools like Hydra and RDP Forcer to gain access.
Conclusion
NLBrute is a brute-force hacking tool that was created by a Russian national named Dariy Pankov. Pankov allegedly used the tool to spawn a criminal empire by cracking the Windows credentials of improperly secured Remote Desktop Protocol (RDP) systems.
He made hundreds of thousands of dollars by selling NLBrute to other criminals and allowing some to resell it. Pankov put more than 35,000 compromised systems’ credentials up for sale, generating over $350,000 in profit for himself. Pankov is facing criminal charges, which could land him in jail for up to 47 years, and US authorities are planning to seize $358,437 linked to his offenses.
It’s important to use strong passwords and enable two-factor authentication to protect against brute-force attacks.
What is NLBrute?
NLBrute is a brute-force hacking tool created by a Russian national named Dariy Pankov, also known as “dpxaker.” It was used to crack the Windows credentials of improperly secured Remote Desktop Protocol (RDP) systems by guessing passwords.
How was NLBrute used in criminal activities?
Pankov allegedly made hundreds of thousands of dollars by selling NLBrute to other criminals and allowing some to resell it. He also sold stolen login credentials on a dark web marketplace for further attacks. Pankov put more than 35,000 compromised systems’ credentials up for sale, generating over $350,000 in profit for himself.
What are brute-force attacks?
Brute-force attacks are a type of cyber attack that involves an automated method of trying different combinations of usernames and passwords to gain access to a system. This method is often used by hackers to gain unauthorized access to a system, steal sensitive data, or install malware. Brute-force attacks are successful against weak passwords or improperly secured systems.
How can I protect myself against brute-force attacks?
There are several ways to protect yourself against brute-force attacks. One of the best ways is to use strong passwords that are difficult to guess. A strong password should contain a combination of uppercase and lowercase letters, numbers, and symbols. Additionally, you can enable two-factor authentication on your accounts to add an extra layer of security. It’s also important to keep your software and operating system up to date with the latest security patches.
