U.S. prosecutors have brought computer hacking and fraud charges against a Russian citizen, Maksim Yakubets, who is accused of developing and distributing Dridex, a notorious banking malware used to allegedly steal more than $100 million from hundreds of banks over a multi-year operation.
Per the unsealed 10-count indictment, Yakubets is accused of leading and overseeing Evil Corp, a Russian-based cybercriminal network that oversaw the creation of Dridex. The malware is often spread by email and infects computers, silently siphoning off banking logins. The malware has also been known to be used as a delivery mechanism for ransomware, as was the case with the April cyberattack on drinks giant Arizona Beverages.
The Russian hacker is also alleged to have used the Zeus malware to successfully steal more than $70 million from victims’ bank accounts. Prosecutors said the Zeus scheme was “one of the most outrageous cybercrimes in history.”
Justice Department officials, speaking in Washington, DC with their international partners from the U.K.’s National Crime Agency, said Yakubets also provided “direct assistance” to the Russian government, working for the FSB (formerly KGB) from 2017 on projects involving the theft of confidential documents through cyberattacks.
Prosecutors said Evil Corp was to blame for an “unimaginable” amount of cybercrime during the past decade, with a primary focus on attacking financial organizations in the U.S. and the U.K.
“Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide,” said Brian Benczkowski, assistant attorney general in the Justice Department’s criminal division, in remarks.
The State Department announced a $5 million reward for information related to the capture of Yakubets, who remains at large.
In a separate statement, Treasury secretary Steven Mnuchin said the department issued sanctions against Evil Corp for the group’s role in international cybercrime, including two other hackers associated with the group — Igor Turashev and Denis Gusev — as well as seven Russian companies with connections to Evil Corp.
“This coordinated action is intended to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group,” said Mnuchin.