Two Russian nationals have been indicted on bank fraud and international computer hacking charges over an alleged decade-long scheme that “deployed two of the most dangerous financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide," according to the Department of Justice.
Maksim Yakubets and Igor Turashev, described by prosecutors as leaders of “one of the most sophisticated transnational cybercrime syndicates in the world,” are accused in the 10-count indictment of deploying a malware system designed to steal personal and financial information, including online bank information, from infected computers.
The FBI on Thursday issued a wanted bulletin for both individuals, and the State Department announced a $5 million award for the arrest of Yakubets specifically. Both are believed to currently reside in Russia, according to FBI Deputy Director David Bowdich.
"These two cases demonstrate our commitment to unmasking the perpetrators behind the world's most egregious cyberattacks," Assistant Attorney General Brian Benczkowski said.
According to the indictment unsealed Thursday, the malware deployed by Yakubets and Turashev infected tens of thousands of computers across North America and Europe, including two banks, a school district, four Pennsylvania companies and a North Carolina firearm manufacturer.
The indictment said the malware was delivered to victims via "phishing emails," which Yakubets and Turashev would draft to appear as if they were coming from legitimate companies and organizations. Once victims would click on a link in the phishing emails, it would infect the computer and allow hackers to "hijack" a computer session and pull up a prompt requesting the user's bank account information.
Once the hackers were in possession of the bank credentials, they would use "money mules" to funnel the funds into foreign bank accounts. In one case, an employee of a Pennsylvania school district clicked on a graphic in a phishing email sent by Yakubets and Turashev, and the two later attempted to transfer nearly $1 million from the district's bank account to a bank in Ukraine.
The DOJ has connected Yakubets and Turashev to cyberattacks as recently as March of this year, according to the indictment. As a part of its investigation, the U.S. in 2010 transmitted a mutual legal assistance treaty request to Russia, and according to Bowdich, the Russian government was "helpful to a point."
Since that exchange, however, there is believed to have been no further communication between the two countries regarding Yakubets and Turashev.
Speaking to reporters at the Justice Department, Bowdich said the case stresses the need for all Americans to practice "good cyber hygiene," such as regularly updating online passwords, implementing two-factor authentication on sensitive accounts, and heightened awareness and suspicion regarding links sent over email.