This Country Is A Breeding Ground for Cyber Crime

Many of the people on the FBI’s cyber most wanted list are Russian. While some allegedly work for the government earning a normal salary, others are accused of making a fortune from ransomware attacks and online theft, reports BBC.

Evil Corp

In a press conference two years ago, the FBI named nine members of the Russian hacking group, Evil Corp, accusing Igor Turashev and the gang’s alleged leader, Maksim Yakubets, of stealing or extorting more than $100m in hacks affecting 40 different countries.

The victims range from small businesses to multinationals like Garmin, as well as charities and a school. They’re just the ones we know about.

The US Department of Justice says the men are “cyber-enabled bank robbers” staging ransomware attacks, or hacking into accounts to steal money.

The announcement made Maksim Yakubets, then only 32, a poster boy for the playboy Russian hacker.

Russian government

The Russian government routinely brushes off US hacking accusations against its citizens.

In fact, not only are the hackers allowed to carry on, they are recruited by the security services too.

We asked the Russian government to comment on the fact that hackers seem to operate freely in Russia, but received no reply.

When Vladimir Putin was asked about this at the Geneva summit with Joe Biden this summer, he denied that high-profile attacks were originating in his country and even claimed that most cyber-attacks began in the US. But he said he would work with the US to “bring order”.

Lavish lifestyle of Maksim Yakubets

Our investigation into Maksim Yakubets began in an unlikely place – a golf course about two hours outside Moscow.

This was the venue for his spectacular wedding in 2017, a video of which was spotted by Radio Free Europe/Radio Liberty and widely shared.

Tellingly, Yakubets’ face is never shown in the footage, filmed by a wedding video production company, but he can be seen dancing to live music performed by a famous Russian singer under a beautiful light show.

Maksim Yakubets’ wedding may have cost more than half a million dollars

It may not be a coincidence that Yakubets’ father-in-law, seen in the wedding video, is a former high-level member of the FSB.

Igor Turashev is accused

Nor is Igor Turashev, 40, keeping a low profile. 

All have offices in Moscow’s prestigious Federation Tower, a shiny skyscraper in the financial district that wouldn’t look out of place in Manhattan or London’s Canary Wharf.

A puzzled receptionist looked for a phone number, and found that the offices didn’t have one. She did find a mobile phone under the firm’s name though, and put us through.

As Andrey explained, Turashev is not wanted in Russia so no-one is stopping him renting this expensive city-centre office space.

Impact on bitcoin

It may also be convenient for him to be located among financial companies, including some that deal in the cryptocurrencies, such as Bitcoin, that Evil Corp is alleged to have collected from victims in ransomware attacks – reportedly $10m-worth in one case.

A Bloomberg report using research from Bitcoin analysts Chainalysis claims that the Federation Tower houses numerous crypto firms that act like “cash machines for cyber-criminals”.

Maksim Yakubets

Maksim Yakubets doesn’t answer calls and emails, so Joe Tidy knocks on a door where he once lived – and speaks to his father

The $5m US reward for information leading to his son’s arrest – the highest ever bounty for a named cyber-criminal – had led the family to live in fear of attack, Mr Yakubets said, demanding that we publish his words.

Cyber-sanctions

Yakubets and Turashev are part of the growing list of Russian citizens to be issued with cyber-sanctions as the West struggles to respond to cyber-attacks.

More Russian people and organisations have been sanctioned and indicted than those of any other nationality.

Indictments prevent the hackers from travelling abroad, while the sanctions freeze any assets they have in the West, and ban them from doing business with Western firms.

Last year the European Union started issuing cyber-sanctions, following in the US’s footsteps, and it’s mainly Russians who have been named and shamed on this list too.

The vast majority of the individuals on these lists are said to have direct links to the Russian state, hacking in order to spy, project power or exert pressure. While all nations hack each other, the US, EU and allies claim that some of the Russian attacks cross a line, in terms of what is acceptable.

Some of the men are accused of causing widespread blackouts in Ukraine by hacking power grids. Others are wanted for trying to hack into a chemical weapons testing facility in the wake of the Salisbury poisonings.

The Kremlin denies all accusations, routinely laughing them off as Western hysteria and “Russophobia”.

As there are no clear rules for what is acceptable nation state hacking, we deliberately concentrated our investigation on the individuals accused of being criminals, hacking for profit.

Do cyber-sanctions against “criminal” hackers work?

Speaking to Yakubets’ father it seems that they do have some impact – at the very least they made him furious.

However Evil Corp appears to have been unaffected.

Cyber-security researchers allege the crew are still carrying out lucrative cyber-attacks on mainly Western targets.

Russian hackers

The “golden rule” of Russian hacking, according to researchers and former hackers, is that non-state-employed criminal hackers can hack who they like, as long as the victims are not in Russian-speaking or former Soviet territories.

The rule appears to work, as cyber-security researchers have for many years noticed fewer attacks in those countries. They’ve also found that some malware is designed to avoid computers with Russian language systems.

$3m bounty out for his arrest

The US claims that Maksim Yakubets and other wanted hackers – including Evgeniy Bogachev, who has a $3m bounty out for his arrest – have worked directly for the intelligence services.

US’s investigation

In the last six months the US and its allies have gone beyond cyber-sanctions, and started employing a far more aggressive tactic.

They have begun hacking back against cyber-crime gangs and have successfully taken some of them offline, at least temporarily. REvil and DarkSide have announced on forums that they are no longer operating because of law enforcement action.

On two occasions US government hackers have even managed to retrieve millions of dollars of Bitcoin stolen from victims.

An international effort involving Europol and the US Department of Justice has also seen alleged hackers arrested in South Korea, Kuwait, Romania and Ukraine.

However, cyber-security researchers say more groups are surfacing, and attacks are occurring every week. The phenomenon will not go away, they say, as long as hackers can flourish in Russia.

Source: techradar
