$5m Bounty For Russian Hacker

Uploaded on 2019-12-12 in TECHNOLOGY--Hackers, GOVERNMENT-Law Enforcement, FREE TO VIEW

The US State Department in collaboration with the US Department of Justice and the FBI are offering an unprecedented $5 million reward for information leading to the arrest or conviction of a Russian hacker named Maksim Yakubets (pictured).  The Lamborghini-driving Moscow hacker who called his operation Evil Corp and has ties to the FSB Russian intelligence service was indicted by US authorities on Thursday for the cybertheft of tens of millions of dollars.

This hacker is allegedly responsible for stealing tens of millions of dollars from banks and consumers over the past decade. In a criminal complaint unsealed in federal court in Nebraska, the US has charged Moscow-based Yakubets of running the notorious Zeus banking malware operation since at least 2009. 

Yakubets and multiple co-conspirators are alleged to have installed Zeus on thousands of business computers and captured information that allowed them to later log into online banking accounts belonging to the victims and initiate fraudulent wire transfers.

Yakubets and other members of his group attempted to steal a staggering $220 million using Zeus and ending up netting at least $70 million from victim bank accounts. 

Among the numerous organisations that were victimised in the Zeus campaign were Bank of America, Bank of Albuquerque, Key Bank, Bullitt County Fiscal Court, GenLabs, and United Dairy. US Federal authorities separately also charged Yakubets and another Russian national, Igor Turashev, 38, with stealing and attempting to steal money from online bank accounts belonging to thousands of individuals and businesses using Bugat - aka Dridex - malware.

The Dridex campaign began around 2009, and as with the Zeus scheme, resulted in millions of dollars being siphoned out of the online bank accounts of consumers and businesses. 

A representative list of victims included at least two banks and four companies. Attacks involving Dridex continued until as recently as March 2019, the DoJ said in a statement announcing the indictment.

"For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world," said US Attorney Scott Brad of Western District of Pennsylvania.

The Dridex operation was one of the most widespread malware campaigns the Justice Department has ever encountered, he added.

Yakubets is alleged to have managed the development, distribution, and maintenance of Dridex and also oversaw the actual financial theft and the use of money mules to receive wire transfers and ACH payments. Turashev served as the systems administrator and was in charge of Dridex botnet operations. NPR on Thursday quoted senior Treasury Department officials describing Yakubets as also working separately for Russia's domestic intelligence agency the Federal Security Service (FSB).

"Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide," said Assistant Attorney General Brian Benczkowski. 

The $5 million reward for his arrest or conviction is the largest ever the US government has offered in connection with a cybercrime.

Tens of Millions in Losses
According to charging documents unsealed recently in connection with both indictments, Yakubets, Turashev, and others involved in the Dridex campaign infected systems by tricking victims into opening malicious attachments or clicking on rogue links in phishing emails.  They used the malware to collect usernames and passwords to bank accounts either via keystroke logging or by hijacking computer sessions and directing victims to spoofed bank login pages. 
The stolen credentials were then used to initiate fraudulent wire transfers to overseas accounts and to an extensive network of money mules in the US.

Yakubets and Turashev were charged in Pittsburgh and a parallel indictment in Lincoln, Nebraska with multiple counts of conspiracy, computer hacking, wire fraud and bank fraud. Both men are believed to be in Russia, and face possible extradition to the United States if they are arrested in other countries.

FBI:       Dept of Justice:        Dark Reading:        SCMP:     Image: FBI

You Might Also Read:

Bank Creates Its Own AI To Identify & Disintegrate Malware:

Malware – The Hateful Eight:

 

« Bitcoin, Murder & Mafia On “Blockchain Island”
Malware Is Stealing Hotel Guest Data »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Authentic8

Authentic8

Authentic8 transforms how organizations secure and control the use of the web with Silo, its patented cloud browser.

BackupVault

BackupVault

BackupVault is a leading provider of automatic cloud backup and critical data protection against ransomware, insider attacks and hackers for businesses and organisations worldwide.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

Syxsense

Syxsense

Syxsense brings together endpoint management and security for greater efficiency and collaboration between IT management and security teams.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

The Networking People (TNP)

The Networking People (TNP)

TNP supplies independent advice allowing large organisations to design, build and operate their own networks independently of the established telecoms companies.

Techmeme

Techmeme

Techmeme is an online news curation service focused on leading edge technology, including cyber security.

ManTech International

ManTech International

ManTech provides comprehensive, integrated cyber security support, which includes computer and network design, implementation, and operations.

techUK

techUK

techUK represents companies operating in the tech sector in the UK. Focus areas cover all aspects of ICT including cyber security.

Akheros

Akheros

Akheros develops cybersecurity learning algorithms which anticipate, detect and prevent offensive and incongruous behaviors of M2M interactions.

Coalition

Coalition

Coalition combines comprehensive insurance and proprietary security tools to help businesses manage and mitigate cyber risk.

AuthLite

AuthLite

With AuthLite, you can keep using all your existing software, with added two-factor authentication security placed exactly where you need it.

Conquest Cyber

Conquest Cyber

Conquest Cyber builds adaptive risk management programs where innovation is most needed – within defense, intelligence, federal civilian agencies and the industrial base that supports them.

Solvere One

Solvere One

Solvere One is a managed service provider (MSP) focused on corporate consulting and partnership.

Truvantis

Truvantis

Truvantis is a cybersecurity consulting organization providing best-in-class cybersecurity services to secure your organization’s infrastructure, data, operations and products.

Dimension Data

Dimension Data

Dimension Data is a leading African born technology provider operating in the Middle East and Africa, offering a portfolio of services including intelligent security solutions.

Silverse

Silverse

At Silverse, we specialize in building a comprehensive cybersecurity journey, anchored by our extensive experience, industry expertise, and an ecosystem of trusted partners.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.

SecureLake

SecureLake

SecureLake (formerly Managni) is one of the most trusted US-based IT security and infrastructure companies.

Kaine Mathrick Tech (KMT)

Kaine Mathrick Tech (KMT)

KMT deliver comprehensive cyber-first outsourced technology support and solutions that scale with your business.

Hakai Security

Hakai Security

Hakai is a consulting firm specializing in information security that offers customized services and products to meet the needs and goals of each business.