Two Russian nationals charged in hacking schemes that officials say caused tens of millions in damages
Brian Benczkowski, who heads the Justice Department’s criminal division, said Yakubets was the “leader of a criminal cyber gang” and had been involved in cyber crime for the past decade on an “unimaginable scale.”
“Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollar losses to victims worldwide,” he said.
Yakubets was charged in two separate cases — one in Pennsylvania and the other in Nebraska — with distributing malware known as “Bugat” and “Zeus” that stole passwords and other personal information. The hackers were then able to reroute wire transfers to foreign bank accounts run by “money mules.” Turashev was also charged in connection with the Bugat case.
Authorities said many of the thousands of U.S. victims were small to midsize businesses, targeted by email phishing scams. FBI Deputy Director David Bowdich said those targeted included a dairy company in Ohio, a luggage store in New Mexico and an order of religious sisters.
The Zeus malware was used in the attempted theft of about $220 million, of which the hackers were able to steal about $70 million, authorities said.
The suspects used that money to live like flamboyant millionaires, officials said.
Bowdich conceded that because the two men are in Russia, it is unlikely that they will ever be brought to the United States to face charges.
“It’s difficult, no doubt,” he said, “but it’s not impossible.”
The Russian government, which does not extradite its citizens to face charges overseas, responded to a U.S. request in the case that was “helpful in the investigation, to a point,” Bowdich said.
Yakubets was part of a group called the “Jabber Zeus Crew” that began the alleged scheme as far back as 2009.
Some members of the conspiracy have already been caught and sent to prison. Two Ukrainians, Yuriy Konovaleko and Yevhen Kulibaba, were extradited from Britain to the United States in 2015, pleaded guilty to conspiracy, and have completed their prison sentences.
Investigators recovered chat logs among members of the group showing them reacting to a 2009 Washington Post article about their apparent effort to steal $415,000 from the coffers of Bullitt County, Ky.
“I’m really pissed,” Yakubets allegedly wrote. “They exposed the entire deal.” Another suspect shared a link to the story and wrote: “This is what they damn wrote about me.”
Bowdich said the conversations show that the way to defeat hackers is to unmask them, wherever they are, through news stories or publicly filed charges, and the chat logs recounted in court documents show “they didn’t like it.”
Authorities were able to identify Yakubets as the person behind the online hacker persona “aqua” through those chats and a review of other digital evidence. They used applications for U.S. visas filed by Yakubets’s ex-wife and their young child, and the Russian government provided additional information that linked him to an “aqua” email address used to order a baby carriage that was delivered to his Moscow address.