The United States Department of Justice today disclosed the identities of two Russian hackers and charged them with developing and distributing the Dridex banking Trojan, which the duo used to steal more than $100 million over a period of 10 years.
Maksim Yakubets, the leader of the ‘Evil Corp’ hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as ‘Bugat’ and ‘Cridex’ — through multi-million email campaigns and targeted numerous organizations around the world.
The State Department has also announced a reward of up to $5 million—the largest offered bounty to date for a cybercrime suspect—for providing information that could lead to the arrest of Yakubets, who remains at large.
“Bugat is a multifunction malware package designed to automate the theft of confidential personal and financial information, such as online banking credentials, from infected computers,” the DoJ said in its press release.
“Bugat malware was specifically crafted to defeat antivirus and other protective measures employed by victims. Later versions of the malware were designed with the added function of assisting in the installation of ransomware.”
Besides developing and distributing Dridex, Yakubets has also been charged with conspiracy to commit bank fraud in connection with the infamous “Zeus” banking malware that stole $70 million from victims’ bank accounts.
Starting in May 2009, Yakubets and his co-conspirators allegedly employed widespread computer intrusions, malicious software, and fraud in an effort to steal millions of dollars from numerous bank accounts in the United States and elsewhere.
The hackers infected thousands of business computers with malware that captured passwords, account numbers, and other information necessary to log into online banking accounts, and then used the stolen data to steal money from victims’ bank accounts.
“Yakubets allegedly has engaged in a decade-long cyber crime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide,” said Brian A. Benczkowski, Assistant Attorney General of DoJ’s Criminal Division.
According to the Justice Department, the FBI discovered the identities of both Russian cybercriminals with the help of its foreign counterpart, the National Crime Agency (NCA) in the United Kingdom.
The joint investigation revealed that Yakubets “also provides direct assistance to the Russian government” by stealing confidential documents through state-sponsored cyberattacks.
The duo is alleged to have victimized 21 specific municipalities, private companies, banks, and non-profit organizations in California, Illinois, Massachusetts, Ohio, Texas, Washington, Iowa, Kentucky, Maine, New Mexico, and North Carolina, including multiple entities in Nebraska and a religious congregation.
The United States has also rolled out sanctions against 17 other individuals and 7 Russian companies for their connection with the Evil Corp hacking group.