U.S. and British authorities on Thursday took aim at the Russia-based cybercriminal group known as Evil Corp, indicting two of its leaders and ordering asset freezes against 17 of its associates over a digital crime spree that has netted more than $100 million from companies across the world.
Investigators said the scheme involved hacking into business computers, obtaining the bank account numbers and security codes of account holders, and then using third parties to transfer money from the bank accounts to hackers.
Maksim Yakubets was accused of being the leader of Evil Corp, which is alleged to be behind the malicious software better known as “Dridex.” His close associate Igor Turashev allegedly handled various functions for the group, according to an indictment released Thursday.
In a crackdown on Evil Corp that straddled the world of cybercrime and intelligence, the U.S. Treasury and Justice Departments worked in coordination with Britain’s National Crime Agency.
U.S. Treasury officials said Yakubets worked on the side for Russia’s Federal Security Service (FSB) domestic intelligence agency and stole classified material on Moscow’s behalf. One senior U.S. Treasury official said that, last year, he had even applied to the FSB for a license to handle secret documents.
Cybersecurity experts say the malware, which first appeared in late 2011, is among the most financial damaging on the internet. Experts have long speculated that it is the brainchild of a Russian hacking group.
The indictment, filed with the federal court in Pittsburgh, names a series of targets including a school, an oil firm, First Commonwealth Bank. Two of the transactions were processed through Citibank in New York, the indictment says.
The indictment is dated Nov. 12 but was unsealed on Thursday.
Malware is a software program designed to gather sensitive information, such as passwords and bank account numbers, from private computers by installing viruses and other malicious programs.
Spokespeople for First Commonwealth Bank and Citibank did not immediately respond to requests for comment.