Leading Back Office Systems for Banks

In-depth Supplier Profiles and User Lists. Subscribe now

In-depth Banking Tech and FinTech Research

Over 300 research reports that's updated quarterly. Subscribe now

RPA in Banking: Strategies and Pitfalls

Insights on RPA Suppliers and Case Studies. Subscribe now

US, UK expose Russian cybercrime group

Maksim Yakubets, a Russian national has been indicted on cybercrime charges in the US following unprecedented collaboration between the Federal Bureau of Investigation (FBI), the UK National Crime Agency and National Cyber Security Centre.

The US Department of Justice, and the UK, through the NCA, unsealed cybercrime charges in Pittsburgh, Pennsylvania, and Lincoln, Nebraska, against Maksim V. Yakubets, 32, of Moscow, Russia, related to two separate international computer hacking and bank fraud schemes spanning from May 2009 to the present.  A second individual, Igor Turashev, 38, from Yoshkar-Ola, Russia, was also indicted in Pittsburgh for his role related to the “Bugat” malware conspiracy.

Yakubets and Turashev, have been charged with conspiracy, computer hacking, wire fraud, and bank fraud, in connection with the distribution of “Bugat” (also known as “Cridex” and “Dridex”, a multifunction malware package designed to automate the theft of confidential personal and financial information, such as online banking credentials, from infected computers.  Later versions of the malware were designed with the added function of assisting in the installation of ransomware.

A cybercrime complaint was also unsealed in Lincoln charging Yakubets with conspiracy to commit bank fraud in connection with the “Zeus” malware.  Beginning in May 2009, Yakubets and multiple co-conspirators are alleged to have a long-running conspiracy to employ widespread computer intrusions, malicious software, and fraud to steal millions of dollars from numerous bank accounts in the US and elsewhere.  Yakubets and his co-conspirators allegedly infected thousands of business computers with malicious software that captured passwords, account numbers, and other information necessary to log into online banking accounts, and then used the captured information to steal money from victims’ bank accounts. According to the complaint, the deployment of the Zeus malware resulted overall in the attempted theft of an estimated $220 million, with actual losses of an estimated $70 million from victims’ bank accounts.

The US State Department, in partnership with the FBI, has announced a reward of up to $5 million under the Transnational Organized Crime Rewards Program for information leading to the arrest and/or conviction of Yakubets.  This is the largest such reward offer for cybercrime to date.

If Yakubets, who used the online name “Aqua”, ever leaves the safety of Russia he will be arrested and extradited to the US. Lynne Owens, Director General of the UK’s NCA, said: “The significance of this group of cybercriminals is hard to overstate; they have been responsible for campaigns targeting our financial structures with multiple strains of malware over the last decade. We are unlikely to ever know the full cost, but the impact on the UK alone is assessed to run into the hundreds of millions.

“These indictments demonstrate that our world-leading law enforcement, in unparalleled cooperation with our US allies, is tirelessly committed to cracking down on cyber criminality – pursuing legal action and targeting their finances no matter where criminals are based.

“It is our assessment that Maksim Yakubets and Evil Corp – the cybercrime group he controls – represent the most significant cybercrime threat to the UK.”

Assistant Attorney General Brian A. Benczkowski of the US Justice Department’s Criminal Division said: “Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide.

“These two cases demonstrate our commitment to unmasking the perpetrators behind the world’s most egregious cyberattacks. The assistance of our international partners, in particular the National Crime Agency of the United Kingdom, was crucial to our efforts to identify Yakubets and his co-conspirators.”

FBI Deputy Director David Bowdich said the announcement involved a long running investigation of a sophisticated organised cybercrime syndicate. He said: “The charges highlight the persistence of the FBI and our partners to vigorously pursue those who desire to profit from innocent people through deception and theft. By calling out those who threaten American businesses and citizens, we expose criminals who hide behind devices and launch attacks that threaten our public safety and economic stability.”

Related Posts