FBI announces $5 million bounty for information on Russian hackers behind Dridex attacks

The U.S. Department of Justice has announced that the State Department, in partnership with the FBI, has set a reward of up to $5 million for information that can lead to the arrest and conviction of two Russian hackers.

Maksim V. Yakubets, 32, and Igor Turashev, 38, are allegedly responsible for several high-profile international computer hacking and bank fraud schemes spanning from May 2009 to the present. The duo have been using the infamous Dridex banking Trojan, also known as Bugat and Cridex, a form of malware that specializes in stealing bank credentials. Dridex leverages Microsoft Word macros to install itself on the target system.

The indictment alleges, among other things, that:

“Yakubets and Turashev used captured banking credentials to cause banks to make unauthorized electronic funds transfers from the victims’ bank accounts, without the knowledge or consent of the account holders. They then allegedly used persons, known as ‘money mules,’ to receive stolen funds into their bank accounts, and then move the money to other accounts or withdraw the funds and transport the funds overseas as smuggled bulk cash. According to the indictment, they also used a powerful online tool known as a botnet in furtherance of the scheme.”

The group of conspirators involved with the Dridex attacks is known as ‘Evil Corp,’ of which Yakubets is the leader.

“As the leader, he oversaw and managed the development, maintenance, distribution, and infection of Bugat as well as the financial theft and the use of money mules. Turashev allegedly handled a variety of functions for the Bugat conspiracy, including system administration, management of the internal control panel, and oversight of botnet operations,” the DOJ said.

The $5 million reward for information leading to the arrest of Yakubets and his accomplice represents the largest such reward offer for a cyber criminal to date, the DOJ said.

*** This is a Security Bloggers Network syndicated blog from HOTforSecurity authored by Filip Truta.