FBI announces $5 million bounty for information on Russian hackers behind Dridex attacks

The U.S. Department of Justice has announced that the State Department, in partnership with the FBI, have set a reward of up to $5 million for information that can lead to the arrest and conviction of two Russian hackers.

Maksim V.
Yakubets, 32, and Igor Turashev, 38, are allegedly responsible for several
high-profile international computer hacking and bank fraud schemes spanning
from May 2009 to the present. The duo have been using the infamous Dridex
Banking Trojan, also known as Bugat and Cridex, a form of malware that specializes
in stealing bank credentials. Dridex leverages macros from Microsoft Word to install
itself on the target system.

The
indictment alleges, among other things, that:

“Yakubets
and Turashev used captured banking credentials to cause banks to make
unauthorized electronic funds transfers from the victims’ bank accounts,
without the knowledge or consent of the account holders.  They then allegedly used persons, known as
“money mules,” to receive stolen funds into their bank accounts, and then move
the money to other accounts or withdraw the funds and transport the funds
overseas as smuggled bulk cash. 
According to the indictment, they also used a powerful online tool known
as a botnet in furtherance of the scheme.”

The group of
conspirators involved with the Dridex attacks is known as ‘Evil Corp,’ of which
Yakubets is the leader.

“As the
leader, he oversaw and managed the development, maintenance, distribution, and
infection of Bugat as well as the financial theft and the use of money mules.
Turashev allegedly handled a variety of functions for the Bugat conspiracy,
including system administration, management of the internal control panel, and
oversight of botnet operations,” the DOJ said.

The $5
million reward for information leading to the arrest of Yakubets and his
accomplice represents the largest such reward offer for a cyber criminal to
date, the DOJ said.

Leave a Reply

Your email address will not be published. Required fields are marked *

Scroll to top