WASHINGTON – A band of hackers implanted viruses on hundreds of thousands of computers around the world, secretly seized customer bank information and stole more than $100 million from businesses and consumers, the Justice Department said Monday in announcing charges against the Russian man accused of masterminding the effort.
In unveiling the criminal case, federal authorities said they disrupted European-based cyber threats that were sophisticated, lucrative and global.
In one scheme, the criminals infected computers with malicious software that captured bank account numbers and passwords, then used that information to secretly divert millions of dollars from victims’ bank accounts to themselves. In another, they locked hacking victims out of their own computers, secretly encrypted personal files on the machines and returned control to the users only when ransom payments of several hundred dollars were made.
Working with officials in more than 10 other countries, the FBI and other agencies recently seized computer servers that were central to the crimes, which affected hundreds of thousands of computers.
The FBI called the alleged ringleader, 30-year-old Evgeniy Bogachev, one of the most prolific cyber criminals in the world and issued a “Wanted” poster that lists his online monikers and describes him as a boating enthusiast. He faces criminal charges in Pittsburgh, where he was named in a 14-count indictment, and in Nebraska, where a criminal complaint was filed. He has not been arrested, but Deputy Attorney General James Cole said U.S. authorities were in contact with Russia to try to bring him into custody.
Bogachev’s operation, prosecutors say, consisted of criminals in Russia, Ukraine and the United Kingdom who were assigned different roles within the conspiracy. The group is accused in the development of both “Gameover Zeus” – a network of infected computers that intercepted customer bank account numbers and passwords that victims typed in – and “Cryptolocker,” malicious software that hijacked victims’ computers and demands ransom payments. Computer users who don’t pay the fee generally lose their files for good.