Russian 'Evil Corp' hackers charged with $100M in cyber theft

Malware infected hundreds of banks worldwide, US Treasury says.

The Justice Department unsealed charges Thursday against two Russian men in what authorities say was one of the worst computer hacking and bank fraud schemes of the past decade.

The Treasury Department said Russian malware infected hundreds of banks worldwide and caused more than $100 million in theft.

Maksim V. Yakubets, 32, of Moscow and Igor Turashev, 38, from Yoshkar-Ola, Russia were charged in the 10-count indictment filed in federal court in Pittsburgh. The charges include conspiracy, computer hacking, wire fraud, and bank fraud. The two men have not been arrested and their whereabouts are unknown.

The Treasury Department's Office of Foreign Assets Control "took action against Evil Corp, the Russia-based cybercriminal organization responsible for the development and distribution of the Dridex malware," according to a release.


The Treasury's action targeted "17 individuals and seven entities to include Evil Corp, its core cyber operators, multiple businesses associated with a group member, and financial facilitators utilized by the group." Only two of the 17 met with criminal charges, which the Justice Department handled concurrently.

Prosecutors say the charges stem from the creation of malware known as "Bugat," which was designed to automate the theft of confidential personal and financial information, including online banking logins, from infected computers. The malware, they say, was specifically designed to defeat antivirus software.

Yakubets, who used the online moniker "aqua," and Turashev are accused of targeting two banks, a school district and four companies in Pennsylvania — a petroleum business, building supply company, vacuum and thin film deposition technology company and metal manufacturer — as well as a gun manufacturer. The attacks caused the theft of millions of dollars, prosecutors said.


The malware allowed hackers to hijack a victim’s computer, present fake online banking webpages and trick the user into entering their personal information, investigators said.

Yakubets is also being charged in a separate case in Nebraska with allegedly conspiring to commit bank fraud in connection with other malware, authorities said. Prosecutors allege that he worked with multiple co-conspirators to commit widespread computer intrusions, employ malicious software, and steal millions of dollars from numerous bank accounts in the United States and around the globe.

The State Department and the FBI are offering a $5 million reward for information leading to Yakubets' arrest and conviction, which officials say is the largest reward ever offered for an accused cybercriminal.