Russian Hacker Charged in Malware Scheme
A Russian hacker who went by the online moniker “aqua” was indicted in Lincoln last week for conspiracy to commit bank fraud using the “Zeus” malware.
Maksim V. Yakubets, 32, of Moscow, also faces a 10-count indictment – along with another alleged hacker, Igor Turashev, 38, of Yoshkar-Ola, Russia – from a federal grand jury in Pittsburgh for the “Bugat” malware conspiracy, aka “Dridex” or “Kridex.”
The charges include conspiracy, computer hacking, wire fraud, and bank fraud. The two men have not been arrested and their whereabouts are unknown.
The U.S. Department of Justice unsealed the charges last Thursday against Yakubets, the alleged leader of a Russian cybercriminal gang that officials believe stole at least $100 million from banks and other financial institutions in more than 40 countries over the past decade using malware.
The U.S. Treasury Department also announced it was freezing all assets of the two Russian men along with 15 other associates and seven Russian-based organization, including Evil Corp., their alleged umbrella group.
“The Zeus scheme was one of the most outrageous cybercrimes in history,” said U.S. Attorney for the District of Nebraska Joseph P. Kelly. “Our identification of Yakubets as the actor who used the moniker ‘aqua’ in that scheme, as alleged in the complaint unsealed today, is a prime example of how we will pursue cyber criminals to the ends of justice no matter how long it takes, by tracking their activity both online and off and working with our international partners to expose their crimes.”
Yakubets and co-conspirators allegedly infected thousands of business computers with malicious software that captured passwords, account numbers and other information necessary to log into online banking accounts, and then used the captured information to steal money from victims’ bank accounts, according to the Justice Department. The Zeus and Bugat schemes both allegedly used money mules and botnets.
The criminal complaint against Yakubets includes an affidavit from FBI Special Agent Jacob M. Foiles, a member of the Cyber Task Force in the Omaha Field Office. It lists victims that include First National Bank of Omaha and Union Bank and Trust of Lincoln. Other victims include Doll Distributing of Des Moines, Iowa, which operates a facility in Council Bluffs, and Husker Ag LLC of Plainview, Nebraska.
The Zeus malware was used for the attempted theft of about $220 million, which actual losses of an estimated $70 million, according to the Justice Department. Yakubets’ alleged role in the scheme was to provide money mules and their associated banking credentials in order to facilitate the movement of money, which was withdrawn from victim accounts by fraudulent means.
The announcement was made alongside the United Kingdom’s National Crime Agency.
“Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide,” said Assistant Attorney General Brian A. Benczkowski. “These two cases demonstrate our commitment to unmasking the perpetrators behind the world’s most egregious cyberattacks. The assistance of our international partners, in particular the National Crime Agency of the United Kingdom, was crucial to our efforts to identify Yakubets and his co-conspirators.”
The cases are not the first involving the cyber-racketeering ring. Two co-conspirators of Yakubets, both Ukrainian nationals, were extradited after their 2014 indictment and have pleaded guilty to conspiracy charges.
The State Department and the FBI are offering a $5 million reward for information leading to Yakubets’ arrest and conviction. Officials say that’s the largest reward ever offered for an accused cybercriminal.
“Today’s announcement involved a long running investigation of a sophisticated organized cybercrime syndicate,” FBI Deputy Director Bowdich said last Thursday. “The FBI, with the assistance of private industry and our international and U.S. government partners, is sending a strong message that we will work together to investigate and hold all criminals accountable. Our memory is long and we will hold them accountable under the law, no matter where they attempt to hide.”
For more information, including additional remarks and copies of the Yakubets indictment and complaint, visit bit.ly/2s0VjO0.
This report contains material from The Associated Press.
User login
Omaha Daily Record
The Daily Record
222 South 72nd Street, Suite 302
Omaha, Nebraska
68114
United States
Tele (402) 345-1303
Fax (402) 345-2351