The US Department of Justice, Department of State and the UK’s National Crime Agency announced on December 5 the indictment of Russian nationals who run Evil Corp, a cyber crime group responsible for the loss of millions of dollars in the UK and US.
According to a press release from the FBI, Maksim V Yakubets and Igor Turashev were charged with infecting tens of thousands of computers with a malicious code called Bugat. Once installed, the computer code, also known as Dridex or Cridex, allowed the criminals to steal banking credentials and funnel money directly out of victims’ accounts.
A later version of the Evil Corp scheme also installed ransomware on victim computers, with the criminals then demanding payment in cryptocurrency for returning vital data or restoring access to critical systems.
The FBI stated that the crimes were committed through the distribution of malware through email phishing campaigns. “Victims were tricked into opening a document or clicking on a graphic or link that appeared to be from a legitimate source,” the bureau’s press released stated. “The link or attachment downloaded the malicious code onto the user’s machine, where it could also spread to any networked computers.”
Among those affected in the United States were a Pennsylvania school district that saw $999,000 wired out of its accounts and an oil company that lost more than $2 million.
The National Crime Agency said that Yakubets employed dozens of people to run his operation from the basements of Moscow cafes and that Evil Corp targeted the UK for almost a decade.
The agency said that Yakubets, who drives a customised Lamborghini with a personalised number plate that translates to “Thief” and spent over a quarter of a million pounds on his wedding, was now subject to a $5 million US State Department reward, the largest ever offered for a cyber criminal. They warned that if Yakubets was ever to leave Russia he would be arrested and extradited to the US. Credit: National Crime Agency UK via Storyful