British and American law enforcement authorities have identified the two masterminds behind the “most dangerous cybercrime group in the world”.
Maksim Yakubets, 32, and 38-year-old Igor Turashev have caused “hundreds of millions of pounds” worth of financial losses in the UK alone through the hacking group “Evil Corp”, according to the UK’s National Crime Agency.
The US department of Justice is offering a $5 million reward for information that could lead to the arrest of Yakubets, aka “aqua,” who is wanted in connection with two separate international computer hacking and bank fraud schemes dating from May 2009 to the present. Twenty-one entities associated with the Russian hacker, including a network of money launderers have also been targeted by US and UK authorities.
“If Yakubets ever leaves the safety of Russia he will be arrested and extradited to the US,” the NCA said in a statement.
They are thought to be responsible for a malware called Dridex, which was spread via with phishing mails. According to investigators, victims were sent fake emails via a botnet- hijacked computer, tricking recipients into clicking on a link behind which hid the malware.
According to an alert issued by the US Department of Homeland Security: “Once downloaded and active, Dridex has a wide range of capabilities, from downloading additional software to establishing a virtual network to deletion of files.”
In 2016, Symantec assessed that Dridex was configured to target the customers of nearly 300 different organisations in over 40 countries.
Lynne Owens, Director General of the NCA, said: “The significance of this group of cyber criminals is hard to overstate; they have been responsible for campaigns targeting our financial structures with multiple strains of malware over the last decade.
“We are unlikely to ever know the full cost, but the impact on the UK alone is assessed to run into the hundreds of millions.”
US authorities said Mr Yakubets was also involved in a similar scheme using another form of malware – known as Zeus – which stole $70m from victims’ bank accounts.
According to reporting in the BBC, Yakubets spent more than £250,000 ($328,971) of criminal proceeds on his wedding and drives a customised Lamborghini with a personalised number plate which reads “Thief” in Russian.
In addition to his alleged cybercriminal activities, Yakubets, “also provides direct assistance to the Russian government’s malicious cyber efforts, highlighting the Russian government’s enlistment of cybercriminals for its own malicious purposes,” according to the Treasury Department.
“Our goal is to shut down Evil Corp, deter the distribution of Dridex, target the ‘money mule’ network used to transfer stolen funds, and ultimately to protect our citizens from the group’s criminal activities,” said Steven Mnuchin, US Treasury Secretary said in a statement