Hamza Bendelladj | |
Birth Date: | 1988 |
Birth Place: | Tizi Ouzou, Algeria |
Other Names: | BX1 Smiling Hacker |
Nationality: | Algerian |
Alma Mater: | University of Science and Technology Houari Boumediene |
Occupation: | Computer engineer, hacker |
Hamza Bendelladj (Arabic: حمزة بن دلاج|Ḥamza ben Delāj; born 1988)[1] is an Algerian cybercriminal and carder who goes by the code name BX1[2] and has been nicknamed as the "Smiling Hacker".
This led to a search for him that lasted 5 years. He was on the top 10 list of the most wanted hackers by Interpol and the FBI[3] for allegedly embezzling tens of millions of dollars[4] from more than two hundred American and European financial institutions via a computer virus, the "SpyEYE Botnet", which infected more than 60 million computers worldwide, mostly from the United States,[5] and was developed with his Russian accomplice Aleksandr Andreivich Panin, a.k.a. "Gribodemon",[6] to steal banking information stored on infected computers.[7]
Using malicious software called "SpyEye", Bendelladj under the pseudonyms "BX1" or "Daniel HB", broke into the computers of banks and private individuals to acquire passwords and identification codes. Once he took control of an account, he emptied it.[8]
After a three-year chase, Bendelladj was arrested on January 7, 2013 by Thai police while making a stopover in Bangkok in transit between Malaysia and Egypt. He did not resist arrest. He said goodbye to his family as he was arrested and his wife and daughter continued their journey to Egypt without him. He earned the nickname "Smiling Hacker" due to the smile on his face during his media presentation on all the photos taken after his arrest even when handcuffed.[9] According to Thai police, Bendelladj was in the top 10 most wanted by the FBI.[10]
Despite much information on the internet Bendelladj did not get sentenced to death, and claims saying he donated any money to charity are almost impossible to verify. Trial documents did not mention any donations or charity activities, making the claim of charity disputed and not known for sure.[11] [12]
He was extradited in May 2013 to the United States. He was tried in Atlanta where he pleaded guilty on June 25, 2015. He faced a sentence of up to 30 years in prison and a fine of fourteen million dollars.[13]
His accomplice Aleksandr Andreevich Panin was arrested on July 1, 2013, at Atlanta Hartsfield-Jackson International Airport and pleaded guilty in January 2014 to the Atlanta Federal Court.
Rumours began spreading online that he was facing the death penalty.[14] A petition was launched demanding that the Algerian Ministry of Foreign Affairs and President Barack Obama intervene for his release.[15] The US ambassador to Algeria, Joan A. Polaschik wrote on her Twitter account that "computer crimes are not capital crimes and are not punishable by the death penalty".[16]
The ODU hack reveals links to past events involving Palestine, as seen in Trend Micro's Operation Arid Viper research. Arid Viper targets high-profile organisations in Israel and Kuwait to show solidarity for Palestine.[17]
Bendelladj has been in prison in the United States since May 2013, with the US court sentencing him on April 20, 2016, to 15 years in prison and 3 years of probation.[18] Bendelladj is currently held at the Terminal Island - Federal Bureau of Prisons, a minimum security facility. [19] His Russian accomplice Panin, 27, a.k.a. "Gribodemon", was sentenced to 9 years and 6 months.[20]
In their report, the United States Department of Justice estimated the "SpyEye" virus had stolen approximately a billion dollars. Between 2010 and 2012, the affected banks repaired the damage caused by this malware. Bendelladj's lawyer announced that he intended to appeal against the court's decision.[21]