A cyber criminal indicted in the US has been accused of working with Russian intelligence to steal classified government documents, according to a senior official at the US Treasury.
The man was one of two suspects in Russia indicted by the US on Thursday for their part in developing the Dridex banking malware, which has stolen millions from victims in the West.
Victim organisations in more than 40 countries were hit by the Dridex malware, which allowed the alleged criminals to steal more than $100m (£76m) in one hacking campaign dating back to 2011.
Maksim Yakubets is accused of being the leader of the hacking group calling itself “Evil Corp” while Igor Turashev has been accused of being one of the group’s key administrators.
American and British authorities collaborated to identify and charge the criminals, who were accused of being behind “two of the worst computer hacking and bank fraud schemes of the past decade”.
Sanctions from the US Treasury target 17 individuals and seven entities tied to Evil Corp, including its “core cyber operators, multiple businesses associated with a group member” and financial organisations used by the group.
Yakubets was accused of providing “direct assistance to the Russian government” by working for the FSB, Russia’s federal security service, to acquire “confidential documents” for the intelligence agency as well as conduct other cyber operations.
He is currently believed to be at large in Russia. The US State Department has announced a $5m (£3.8m) reward for information leading to his capture.
Yakubets is also accused of committing bank fraud in connection with a second hacking campaign using the Zeus malware, which began in 2009.
Zeus has been tied to thefts of an estimated $70m (£53m) occurring as recently as March this year.
Additional core members of the group sanctioned by the US Treasury include Dmitriy Smirnov, Artem Yakubets, Ivan Tuchkov, Andrey Plotnitskiy, Dmitriy Slobodskoy, and Kirill Slobodskoy.
Lifestyle images of the extravagant holidays and cars purchased by the criminals were released by the National Crime Agency (NCA) in the UK, which was thanked by the US DoJ for its contribution to the investigation.
Paul Chichester, the director of operations for the UK’s National Cyber Security Centre, said: “Today’s announcement is the result of a multi-year investigation with our law enforcement and international partners.
“Dridex has been targeting UK victims since at least 2014, compromising and stealing from large organisations, SMEs and the general public.
“Malware is a continuing cyber threat but we can all reduce our risk of becoming victims to cyber criminals by ensuring our devices are patched, anti-virus is turned on and up to date and files are backed up.”
The US assistant attorney general Brian Benczkowski said: “These two cases demonstrate our commitment to unmasking the perpetrators behind the world’s most egregious cyberattacks.
“The assistance of our international partners, in particular the National Crime Agency of the United Kingdom, was crucial to our efforts to identify Yakubets and his co-conspirators.”
The FBI’s deputy director David Bowdich added: “Today’s announcement involved a long running investigation of a sophisticated organised cyber-crime syndicate.
“The charges highlight the persistence of the FBI and our partners to vigorously pursue those who desire to profit from innocent people through deception and theft.
“By calling out those who threaten American businesses and citizens, we expose criminals who hide behind devices and launch attacks that threaten our public safety and economic stability.”