The United States Department of Justice today disclosed the identities of two Russian hackers and charged them for developing and distributing the Dridex banking Trojan using which the duo stole more than $100 million over a period of 10 years.
Maksim Yakubets, the leader of ‘Evil Corp’ hacking group, and his co-conspirator Igor Turashev primarily distributed Dridex — also known as ‘Bugat’ and ‘Cridex’ — through multi-million email campaigns and targeted numerous organizations around the world.
Besides developing and distributing Dridex, Yakubets has also been charged with conspiracy to commit bank fraud in connection with the infamous “Zeus” banking malware that stole $70 million from victims’ bank accounts.
The hackers infected thousands of business computers with malware that captured passwords, account numbers, and other information necessary to log in to online banking accounts, and then used the stolen data to steal money from victims’ bank accounts.
While taking down the infrastructure supporting Dridex in 2015, NCA also helped the FBI arrest Andrey Ghinkul, one of the distributors of Dridex malware.
The duo has been alleged to have victimized 21 specific municipalities, private companies, banks, and non-profit organizations in California, Illinois, Massachusetts, Ohio, Texas, Washington, Iowa, Kentucky, Maine, New Mexico, and North Carolina, including multiple entities in Nebraska and a religious congregation.