Alleged Zeus botnet master nabbed in Bangkok

Financial malware netted 'Happy Hacker' $100m over three years, authorities claim.

Hand coming out of screen stealing credit card

An Algerian hacker arrested in Thailand on 6 January is the master of a botnet that stole $100 million (62 million) from banks worldwide, it is claimed.

Dubbed the Happy Hacker' because of his smiling appearance, 24-year-old computer sciences graduate Hamza Bendelladj was arrested in Suvarnabhumi Airport, Bangkok, following a tip-off from the FBI.

Bendelladj, who is said to have gone by the handle bx1, is alleged to have been in command of a significant Botnet using two of the most notorious financial malwares of the past five years, ZeuS and SpyEye.

Thai immigration bureau chief Pharnu Kerdlarpphon told a press conference Bendelladj had allegedly hacked private accounts held in 217 banks and financial institutions worldwide, amassing huge amounts of money, the Bangkok Post reports.

"With just one transaction he could earn 10 to 20 million dollars. He's been travelling the world, flying first class and living a life of luxury," Kerdlarpphon said.

At the press conference, Bendelladj laughed off suggestions from the Thai authorities that he was on the FBI's top-10 most wanted list, saying he was "maybe just 20th or 50th", before denying he is a terrorist.

He is now awaiting extradition to the US state of Georgia.

Commenting on Bendelladj's detention, Marcin Kleczynski, CEO of Malwarebytes, told IT Pro: "Arrests like this do not typically impact the volume of threats in the short term, because there are so many variants in the wild, but over time more virulent zero-day Trojans will take the mantle.

"The power in coordinated law-enforcement actions is more that they act as a deterrent for aspiring malware-writers, proving that it is not easy to remain electronically hidden from the police," Kleczynski added.

Featured Resources

Consumer choice and the payment experience

A software provider's guide to getting, growing, and keeping customers

Download now

Prevent fraud and phishing attacks with DMARC

How to use domain-based message authentication, reporting, and conformance for email security

Download now

Business in the new economy landscape

How we coped with 2020 and looking ahead to a brighter 2021

Download now

How to increase cyber resilience within your organisation

Cyber resilience for dummies

Download now

Most Popular

How to find RAM speed, size and type
Laptops

How to find RAM speed, size and type

16 Jun 2021
EU plans to launch bloc-wide cyber task force
cyber attacks

EU plans to launch bloc-wide cyber task force

22 Jun 2021
What is HTTP error 400 and how do you fix it?
Network & Internet

What is HTTP error 400 and how do you fix it?

16 Jun 2021