U.S. authorities on Thursday has cracked down Russian cyber criminal group known as Evil Corp, indicting its Lamborghini-driving alleged leader and ordering asset freezes against 17 of his associates over a digital crime spree that has netted more than $100 million from companies across the world.
One of the officials has described The action against Evil Corp. as one of the most damaging criminal organizations on the internet, comes with a $5 million bounty issued for information leading to the arrest of its alleged leader, Maksim Yakubets.
British authorities also described the 32-year-old Yakubets as a supercar-lover who customized his Lamborghini license plate to read “Thief” in Russian and ran his operation from the basements of Moscow cafes.
“He’s earned his place on the FBI’s list of the world’s most wanted cyber criminals.”
According to U.S. Assistant Attorney General Brian Benczkowski, “Yakubets is a true 21st century criminal,” Evil Corp is alleged to be behind an ever-evolving family of malicious software known Dridex, which has bedeviled banks and businesses since it first appeared in 2011.
The malware works by hacking into banks and businesses and making rogue financial transfers that are eventually funneled back to the hackers. It has since also branched out into ransomware.
Underlining alleged links between cybercriminals and the Russian state, U.S. Treasury officials said Yakubets worked on the side for Russia’s Federal Security Service (FSB), its domestic intelligence agency, and stole classified material on Moscow’s behalf. One senior U.S. Treasury official said he had even applied to the FSB for a license last year to handle secret documents.
Even so, the FBI’s Bowdich said the Russian government had been “helpful to a point” in their request to track the hackers down. Bowdich and other U.S. officials declined to comment on whether either of the two men had links to the Russian government. The FSB did not immediately reply to a Reuters request for comment sent after hours in Russia on Thursday.
Dridex targeted smaller businesses and organizations that lacked the sophisticated cyberdefenses of larger organizations, U.S. officials said.