For the last decade, the hackers behind Evil Corp have led a sustained assault on the bank accounts of thousands of victims across dozens of countries. By steadily evolving malware known as Bugat, they indiscriminately siphoned tens of millions of dollars from unwitting victims. Thursday, the FBI indicted Evil Corp’s alleged leader: Maksim V. Yakubets, also known as “aqua.”
The indictment, which you can read in full below, details in broad strokes the playbook that Yakubets and Igor Turashev, another Russian charged in the scheme, allegedly have rolled out countless times. They’d convince victims to click on a malicious link in a phishing email to download Bugat. Once installed, the malware would use a variety of techniques to steal: a keylogger to grab passwords, or creating fake banking pages to trick someone into voluntarily entering their credentials. Armed with that information, the hackers would arrange for electronic funds transfers from victim bank accounts to a network of so-called money mules, who would then get the funds back to Evil Corp.
“Each and every one of these intrusions was effectively a cyber-enabled bank robbery,” said assistant US attorney general Brian Benczkowski at a press conference announcing the indictment Thursday. Both men are still at-large in Russia.
Evil Corp was apparently also in the franchise business. According to court documents, Yakubets gave a UK resident access to Bugat in exchange for $100,000 up front, plus 50 percent of all revenues, with a minimum take of $50,000 a week. Like any good franchisor, Yakubets offered technical support as needed.
Courtesy of the FBI
Since at least 2011, the FBI estimates that Bugat—also known as Dridex and Cridex—resulted in losses of $100 million or more across hundreds of banks. What m ..