- The Washington Times - Monday, June 2, 2014

A Russian hacker was charged with directing a worldwide network of computer servers used and manipulated by cybercriminals to spread malicious viruses and systematically steal millions of dollars from consumers and businesses, the U.S. Justice Department said Monday.

In an internationally coordinated effort, Evgeniy Mikhailovich Bogachev, 30, of Anapa, Russia, was named in a 14-count indictment unsealed Monday in Pittsburgh.


SEE ALSO: China warns U.S. cyber charges could damage ties


Mr. Bogachev, nicknamed “Slavik” in court documents, is notorious in the hacking community for leading a gang of Russian and Ukrainian cybercriminals that would steal millions of dollars in online banking transactions. The gang created and proliferated the so-called “Gameover Zeus Botnet,” a sprawling network of infiltrated Microsoft Windows computers that infected as many as 1 million systems globally and stole more than $100 million in online banking transactions.

Mr. Bogachev is “one of the most prolific cyber actors in the world,” said FBI Executive Assistant Director Robert Anderson Jr. in a press conference. The U.S. government charges filed against him include conspiracy, computer hacking, wire fraud, bank fraud and money laundering, among others. Mr. Bogachev is also charged in Omaha with conspiracy to commit bank fraud for his alleged involvement with an earlier version of the Zeus malware.


Last week, the Justice Department took aim at Beijing with the indictment of five Chinese army hackers on charges of stealing U.S. business and intellectual property secrets — the first move against a nation-state for cybercrimes. That indictment, along with Monday’s announcement of the Russian hacker, suggests the Obama administration is becoming more serious about prosecuting and defending its cybersecurity turf.

“The sophisticated computer malware targeting of U.S. victims by a global criminal enterprise demonstrates the grave threat of cybercrime to our citizens,” said U.S. Attorney Deborah R. Gilg at Monday’s press conference.

Gameover Zeus was the “most sophisticated botnet the FBI and our allies have ever attempted to disrupt,” added the FBI’s Mr. Anderson.

The indictment against Mr. Bogachev concerns only one victim, Haysite Reinforced Plastics of Erie, in northwestern Pennsylvania, according to The Associated Press. According to the indictment, two of the transfers went through — one for about 198,000 and one for about 175,000, but Haysite was able to block the other six attempts.

A related civil complaint gave other brief descriptions of victim entities: an unspecified American Indian tribe in Washington state; an insurance company and a firm that runs assisted-living centers in Pennsylvania; a local police department in Massachusetts; a pest control company in North Carolina; and two Florida businesses, a restaurant and a regional bank.

The Gameover Zeus software would intercept passwords and other private information used to conduct wire transfers, and then initiate or redirect wire transfers from victims’ bank accounts to foreign bank accounts controlled by the criminals, James M. Cole, deputy attorney general at the Justice Department said in Monday’s press conference.

In a separate action, U.S. and foreign law enforcement officials also worked together to seize computer servers central to the malicious software or “malware” known as Cryptolocker, a form of “ransomware” that encrypts sensitive files and passwords on victims’ computers until they agree to pay a ransom to the hacker.

As of April, Cryptolocker had infected more than 200,000 computers worldwide — with more than half of the attacks occurring in the U.S. — and collected more than $27 million in ransom payments for the hackers, Justice Department officials said. The malware was spread using Gameover Zeus-controlled computer network.