The U.S. Department of Justice (DoJ) has charged Russian citizens Maksim V.
The 10-count indictment charged Yakubets and Turashev with conspiracy, computer hacking, wire fraud, and bank fraud.
The 10-count indictment, unsealed today, concerns the distribution of the malware they used to automate the theft of sensitive financial and personal information such as banking credentials, and to infect their victims with ransomware in more recent attacks.
The malware implements sophisticated evasion techniques; it was improved with new functionality, and its name was changed first to “Cridex” and later to “Dridex.”
“According to the indictment,
According to the indictment, the criminal duo used the stolen banking credentials to make unauthorized transfers from the victims’ bank accounts to bank accounts owned by “money mules.” The criminals then moved the money to other accounts, or withdrew the funds and transported them overseas as smuggled bulk cash.
“For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world,” said U.S. Attorney Brady. “Deploying ‘Bugat’ malware, also known as ‘Cridex’ and ‘Dridex,’ these
Yakubets is considered the leader of the gang behind the Bugat malware and
“Evil Corp has used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, causing more than $100 million in theft,” the U.S.
The U.S. Department of State is offering a reward of up to $5 million under its Transnational Organized Crime (TOC) Rewards Program for information that could lead to the arrest of Yakubets.
According to the DoJ, Yakubets is also suspected of providing “direct assistance to the Russian FSB intelligence agency.”
“As of April 2018, Yakubets was in the process of obtaining a license to work with Russian classified information from the FSB. As a result, Yakubets is also being designated pursuant to E.O. 13694, as amended, for providing material assistance to the FSB. Additionally, as of 2017, Yakubets was tasked to work on projects for the Russian state, to include acquiring confidential documents through cyber-enabled means and conducting cyber-enabled operations on its behalf.” continues the U.S. Treasury Department.
Prior to working with his accomplices for Evil Corp, Yakubets also collaborated with Evgeniy Bogachev, another popular Russian
According to the complaint, the deployment of the Zeus malware resulted overall in the attempted theft of an estimated $220 million USD, with actual losses of an estimated $70 million USD from victims’ bank accounts.
The Treasury Department also sanctioned other cyber criminals linked to the Evil Corp
(SecurityAffairs – Evil Corp, Dridex)