Justice Dept. charges Russian hacker behind the Dridex malware

Justice Dept. charges Russian hacker behind the Dridex malware

Justice Dept. charges Russian hacker behind the Dridex malware

An indictment unsealed in Pittsburgh named Maksim Yakubets and his Evil Corp partner Igor Turashev as the main figures in a group which inserted malware on computers in dozens of countries to steal more than $100 million from companies and local authorities. "Bugat malware was specifically crafted to defeat antivirus and other protective measures employed by victims".

US prosecutors have brought computer hacking and fraud charges against a Russian citizen, Maksim Yakubets, who is accused of developing and distributing Dridex, a notorious banking malware used to allegedly steal more than $100 million from hundreds of banks over a multi-year operation. "Later versions of the malware were designed with the added function of assisting in the installation of ransomware".

Officials say Evil Corp. developed and distributed a type of malware that infected computers around the world and harvested banking credentials in order to steal some $100 million.

Evil Corp used phishing schemes to insert Dridex, Bugat and other malware files on a victims' computers, gaining access to identities, passwords, and ultimately bank accounts, from which they then transferred millions of dollars to themselves.

"These two cases demonstrate our commitment to unmasking the perpetrators behind the world's most egregious cyberattacks", Assistant Attorney General Brian Benczkowski said.

The FBI are seeking two Russian nationals in widespread malware attacks.

The NCA started its investigation into the Dridex group back in 2014 and collected evidential material over several years that support the charges brought by the FBI.

Dridex distributor Andrey "Smilex" Ghinkul was also arrested in 2015.

The eight have received sentences totalling 40 years in prison, NCA said.

Justice Department officials, speaking in Washington DC with their global partners from the U.K.'s National Crime Agency, said Yakubets also provided "direct assistance" to the Russian government in his role working for the FSB (formerly KGB) from 2017 to work on projects involving the theft of confidential documents through cyberattacks. According to The Washington Post, targeted companies included a dairy company in OH, a luggage store in New Mexico and an order of religious sisters.

U.S. news outlets also said that treasury officials believed that Yakubets had committed other cybercrimes on behalf of the Russian government, as part of a scheme where Russian intelligence agencies recruit criminal hackers in order to target entities related to national security.

Treasury Secretary Steven Mnuchin went so far as to call the organization a "Russian-based hacker group", and accuse Yakubets and his associates of working for the Russian intelligence agency FSB, "highlighting the Russian government's enlistment of cybercriminals for its own malicious purposes". "This coordinated action is meant to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group", said Steven T. Mnuchin, Secretary of the Treasury.

Related news

[an error occurred while processing the directive]