The US Department of Justice revealed the identities of two Russian hackers charged with developing and distributing the Dridex banking Trojan, which they used to steal more than $100 million over a period of 10 years.
The leader of the ‘Evil Corp’ hacking group, Maksim Yakubets, and his co-conspirator Igor Turashev distributed Dridex, also known as ‘Bugat’ and ‘Cridex’, through multi-million email campaigns and targeted numerous organizations around the world.
The State Department also announced a reward of up to $5 million for information that could lead to the arrest of Yakubets. This is the largest bounty offered to date for a cybercrime suspect.
The DoJ stated that Bugat is a multifunction malware package specifically designed to automate the theft of confidential personal and financial information, such as online banking credentials, from infected computers.
It was crafted to overcome antivirus and other protective measures employed by victims. Later versions were designed with the additional function of assisting in the installation of ransomware.
Yakubets was also charged with conspiracy to commit bank fraud in connection with the infamous “Zeus” banking malware that stole $70 million from victims’ bank accounts.
Yakubets and his co-conspirators allegedly employed widespread computer intrusions, malicious software, and fraud in an effort to steal millions of dollars from numerous bank accounts in the United States and elsewhere since May 2009.
The hackers infected numerous business computers with malware that captured passwords, account numbers, and other information necessary to log into online banking accounts, and then used the stolen data to steal money from victims’ bank accounts.
According to the Justice Department, the FBI found the identities of both cybercriminals with the help of the National Crime Agency (NCA) in the United Kingdom.
The NCA began its investigation in 2014 and collected evidence over the years that supports the charges brought by the FBI.
While taking down the infrastructure supporting Dridex in 2015, the NCA also helped the FBI arrest Andrey Ghinkul, one of the distributors of the Dridex malware.
According to the NCA, its investigations in the UK, together with the Metropolitan Police, have also targeted Yakubets’ network of money launderers who directed their profits back to Evil Corp. Eight people were sentenced to a total of over 40 years in prison.
Yakubets also provides direct assistance to the Russian government by stealing confidential documents through state-sponsored cyberattacks.
The criminals are alleged to have victimized 21 specific municipalities, private companies, banks, and non-profit organizations in California, Illinois, Massachusetts, Ohio, Texas, Washington, Iowa, Kentucky, Maine, New Mexico, and North Carolina, including multiple entities in Nebraska and a religious congregation.
The United States has also rolled out sanctions against 17 other individuals and 7 Russian companies for their connection with the Evil Corp hacking group.
At present, Yakubets is believed to be residing in Russia, but if he ever stepped out of the country, he would be arrested and extradited to the United States.