U.S. law enforcement has offered a record $5 million reward for information leading to the arrest and/or conviction of Moscow-based Maksim Yakubets, the alleged ringleader of a decade-long cyber crime spree to steal tens of millions of dollars from banks, organizations and individuals.
The bounty, which was set under the Transnational Organized Crime Rewards Program, is the largest amount U.S. authorities have ever put up to apprehend a cyber criminal.
In a criminal complaint recently unveiled in Pittsburgh, Pennsylvania, and Lincoln, Nebraska, a federal grand jury charged Yakubets, aka “aqua,” and Igor Turashev, from Yoshkar-Ola, Russia, of conspiracy, computer hacking, wire fraud, and bank fraud. Yakubets and his crew are alleged to have taken a run at pilfering $220 million using the Zeus malware to hit corporate and individual bank accounts, ultimately making off with at least $70 million, authorities said. Turashev was indicted for his role in a malware conspiracy to steal money from thousands of online bank accounts. He is said to have used the Bugat, aka Dridex, malware.
“The charges highlight the persistence of the FBI and our partners to vigorously pursue those who desire to profit from innocent people through deception and theft,” said FBI Deputy Director David Bowdich. "By calling out those who threaten American businesses and citizens, we expose criminals who hide behind devices and launch attacks that threaten our public safety and economic stability," he said.
The indictment alleges that Yakubets and Turashev used captured banking credentials in bogus, unauthorized electronic funds transfers from the victims’ bank accounts and subsequently tapped money mules to move the funds to other accounts or transport it overseas as smuggled bulk cash. Yakubets and Turashev victimized multiple entities, including two banks, a school district, and four companies including a petroleum business, building materials supply company, vacuum and thin film deposition technology company and metal manufacturer in the Western District of Pennsylvania and a firearm manufacturer, the government charged. The indictment alleges that the attacks occurred as recently as March 19, 2019.
In total, Yakubets and his co-conspirators are alleged to have victimized 21 specific municipalities, banks, companies, and non-profit organizations in California, Illinois, Iowa, Kentucky, Maine, Massachusetts, New Mexico, North Carolina, Ohio, Texas, and Washington, including multiple entities in Nebraska and a religious congregation.
"For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world," said U.S. Attorney Scott Brad of the Western District of Pennsylvania. "The Dridex operation was one of the most widespread malware campaigns the Justice Department has ever encountered," he said.
Officials from the United Kingdom’s National Crime Agency (NCA), also participated in the investigation. “This is a landmark for the NCA, FBI and U.S. authorities and a day of reckoning for those who commit cybercrime,” said NCA Director Rob Jones. “Following years of online pursuit, I am pleased to see the real world identity of Yakubets and his associate Turashev revealed. Yakubets and his associates have allegedly been responsible for losses and attempted losses totalling hundreds of millions of dollars,” he said. “Today the process of bringing Yakubets and his criminal associates to justice begins. This is not the end of our investigation, and we will continue to work closely with international partners to present a united front against criminality that threatens our prosperity and security.”
Yakubets and Turashev remain at large and Russian authorities aren’t likely to extradite them to the U.S. to face charges. However, any movement by either one or both outside of Russia would certainly increase law enforcement’s opportunities to apprehend them.