Published: Fri, December 06, 2019
Global News | By Blake Casey

United States indicts 'Evil Corp' hackers with alleged Russian intelligence ties

Two main members of Evil Corp, Maksim Yakubets of Moscow and Igor Turashev from the Russian city of Yoshkar-Ola, have been charged with financial institution fraud and, in addition, sanctioned by the Treasury Department for developing and distributing the Dridex malware, which stole banking credentials from more than 40 countries. Both are capable of secretly infecting computers to steal login credentials for bank accounts.

Using the malware, the group attempted a theft of about $220 million, with actual losses of about $70 million, according to the Justice Department.

In 2015, U.S. and British investigators disabled the Dridex botnet, but "within weeks" Evil Corp adapted it and their infrastructure to resume their thefts.

The two men, who have not been arrested, are responsible for almost $70 million in losses suffered by their targets in a globe-spanning scheme in which they attempted to steal more than $220 million, according to two unsealed indictments.

The U.S. Treasury Department said it would sanction a Russian group known as "Evil Corp" and its leaders for cyber-thefts at hundreds of financial institutions around the world that total more than $100 million.

Today, US prosecutors have brought charges against the group's leader, Maksim Yakubets, who is allegedly responsible for the development and distribution of Dridex, a well-known banking malware that is able to evade traditional antivirus solutions and spreads mostly through email phishing campaigns.

The group is called - wait for it - Evil Corp.

Turashev was also a key figure within the Evil Corp cybercriminal organization as he was involved in exploiting the infected victims' computing systems and networks.

"The State Department, in partnership with the Federal Bureau of Investigation, announced today a reward of up to $5 million under the Transnational Organized Crime Rewards Program for information leading to the arrest and/or conviction of Yakubets", the DoJ says.

U.S. and British officials announced the charges today.

"Evil Corp and their Dridex software serves as yet another example of the Russian government enlisting the assistance of cybercriminals to carry out malign activities", a Treasury official told reporters on condition of anonymity.

British authorities described the 32-year-old Yakubets as a supercar lover whose custom Lamborghini's license plate read "Thief" in Russian and who ran his operation from the basements of Moscow cafes.

Yakubets is alleged to have committed separate cyber crimes on behalf of the Russian government, working for Russia's Federal Security Service (FSB), the country's domestic intelligence agency. "This coordinated action is meant to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group". From there, authorities say they would transfer money from a victim's bank into a "money mule" account, held by someone who receives stolen funds and then moves them into an overseas account. The server contained chat logs involving a user with the handle "aqua", and the email address [email protected]. Back in 2010, U.S. law enforcement transmitted a "mutual legal assistance request" to Russian authorities regarding the email address.

Dridex distributor Andrey "Smilex" Ghinkul was also arrested in 2015. The US Department of Justice said the reward amount was the largest offered for a cyber criminal to date.