Information Security News mailing list archives

Previous By Date Next
Previous By Thread Next

Kingpin of Evil Corp lived large. Now there's a $5 million bounty on his head

From: InfoSec News <alerts () infosecnews org>
Date: Fri, 6 Dec 2019 08:45:45 +0000 (UTC)
https://arstechnica.com/information-technology/2019/12/members-of-evil-corp-the-cybercrime-group-that-lived-in-luxury-are-indicted/

By Dan Goodin
Ars Technica
12/5/2019
Federal prosecutors have indicted the kingpin of Evil Corp, the name used by a cybercrime gang that used the notorious Dridex malware to drain more than $70 million from bank accounts in the US, UK, and other countries.
Maksim V. Yakubets, a 32-year-old Russian national who used the handle "Aqua," led one of the world's most advanced transnational cybercrime syndicates in the world, prosecutors said on Thursday. The crime group's alleged deployment of Dridex was one of the most widespread malware campaigns ever. The UK's National Crime Agency said the syndicate used the name Evil Corp.
Dridex was configured to target the customers of almost 300 different organizations in more than 40 countries by automating the theft of online banking credentials and other confidential information from infected computers. Over time, Dridex creators updated the malware to install ransomware. Previously known as Bugat and Cridex, Dridex used zeroday exploits and malicious attachments in emails to infect targets. The malware was designed to bypass antivirus and other security defenses.
Yakubets and another alleged Dridex operator, 38-year-old Igor Turashev, also from Russia, allegedly used the captured banking credentials to order electronic money transfers from compromised accounts. Prosecutors said the men funneled the stolen funds into the accounts of money mules who would move the funds into other accounts or convert them to cash and smuggle it overseas. Yubets was the leader of the crime group, prosecutors said. Turashev allegedly handled a host of roles, including system administration, management of an internal control panel, and oversight of a botnet that controlled infected computers. 

[...]


--
Subscribe to InfoSec News
https://www.infosecnews.org/subscribe-to-infosec-news/
https://twitter.com/infosecnews_
Previous By Date Next
Previous By Thread Next

Current thread: