The Justice Department unveiled charges today against the leaders of a Russian hacking group called Evil Corp (yes, the name of the company from Mr. Robot) that’s alleged to have used malware to steal more than $100 million from bank accounts around the world.
The State Department is offering a $5 million reward for information leading to the arrest and/or conviction of 32-year-old Maksim V. Yakubets, said to be the leader of Evil Corp. It’s said to be the largest reward ever offered for a cybercriminal. The Moscow resident is also alleged to have provided assistance to Russian state hacking efforts, including working with the Russian spy agency called the FSB, Treasury Department officials said in announcing sanctions against Evil Corp affiliates.
The Evil Corp malware—with versions known as Bugat, Cridex, and Dridex—allegedly stole people’s online banking credentials, letting Evil Corp use them to siphon off funds. They allegedly wired the stolen money to so-called “money mules” who transferred the funds online to the criminals or even withdrew them as cash. Victims included two banks, a school district, and manufacturing companies, prosecutors said.
“Maksim Yakubets allegedly has been engaged in cybercrime on an almost unimaginable scale for over a decade,” said Assistant Attorney General Brian A. Benczkowski in a statement announcing the charges.
Yakubets also faces separate charges in Nebraska federal court for his links to a second malware variant called Zeus, allegedly used to steal another $70 million.
“Because many of the victims of both Bugat and Zeus are small- and mid-size businesses, their accounts typically do not have the same legal protections afforded to consumer accounts, so some of the losses involved were particularly devastating,” Benczkowski said. “Yakubets and his co-conspirators did not discriminate in their choice of targets. For example, the Nebraska complaint alleges that Yakubets was directly involved in the theft of tens of thousands of dollars from a religious order of Franciscan sisters.”
Prosecutors also announced charges against Igor Turashev, 38, from Yoshkar-Ola, Russia, for allegedly doing technical work related to the Bugat malware. Like Yakubets, Turashev is still at large.