Numerous cybercrime groups, including REvil, Dharma, and Netwalker, have used NLBrute.
A 28-year-old Russian national, Dariy Pankov a/k/a “dpxaker.”, was arrested in the Republic of Georgia on October 4, 2022, and, upon request, extradited to the United States, where he appeared before Magistrate Christopher P. Tuite on 21st February 2023.
Pankov is charged with conspiracy, access device fraud, and computer fraud. The Department of Justice’s press release explains that Pankov was behind the creation of a brute force attack tool known as “NLBrute”.
A brute force attack uses trial-and-error to guess the login credentials of password-protected systems.
Pankov marketed, sold, and had others sell NLBrute, which was used by numerous cybercrime groups, including REvil, Dharma, and Netwalker. He also sold stolen credentials on dark web websites that specialize in the sale and purchase of access to compromised computers.