The Los Angeles Post

Treasury sanctions Russian group over $100 million hack

by ·

Multiple federal agencies on Thursday, including the departments of Justice, State and Treasury, took action against Russians involved in the theft of millions of dollars from bank accounts worldwide through cyber hacking operations.

The Treasury Department’s Office of Foreign Assets Control issued sanctions against a group known as Evil Corp, which is a Russian-based cybercriminal group responsible for the Dridex malware. Officials say this malware has been used to infect computers and steal more than $100 million from hundreds of banks and financial institutions in over 40 countries.

The sanctions targeted 17 individuals and seven entities associated with Evil Corp, including Evil Corp’s leader, Maksim Yakubets.

In conjunction with the sanctions, the State Department announced a reward of up to $5 million for information that could lead to the capture and conviction of Yakubets, which represents the largest potential reward for a cyber criminal ever issued by the department.

“Treasury is sanctioning Evil Corp as part of a sweeping action against one of the world’s most prolific cybercriminal organizations,” Treasury Secretary Steven Mnuchin said in a statement on Thursday. “This coordinated action is intended to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group.”

Mnuchin noted that “our goal is to shut down Evil Corp, deter the distribution of Dridex, target the ‘money mule’ network used to transfer stolen funds, and ultimately to protect our citizens from the group’s criminal activities.”

The malware virus has been spread mostly through the use of phishing emails that encourage individuals to click on malicious links or attachments that lead to Dridex being downloaded. Officials say that Evil Corp was able to steal credentials, and then funds from victims’ bank accounts, after the virus was on a system.

In addition to the State and Treasury actions, the Justice Department joined with multiple other U.S. and British agencies in unsealing indictments against both Yakubets and another Russian national, Igor Turashev.