https://arstechnica.com/information-technology/2019/12/members-of-evil-corp-the-cybercrime-group-that-lived-in-luxury-are-indicted/
By Dan Goodin
Ars Technica
12/5/2019
Federal prosecutors have indicted the kingpin of Evil Corp, the name used by a
cybercrime gang that used the notorious Dridex malware to drain more than $70
million from bank accounts in the US, UK, and other countries.
Maksim V. Yakubets, a 32-year-old Russian national who used the handle "Aqua,"
led one of the world's most advanced transnational cybercrime syndicates,
prosecutors said on Thursday. The crime group's alleged deployment of
Dridex was one of the most widespread malware campaigns ever. The UK's National
Crime Agency said the syndicate used the name Evil Corp.
Dridex was configured to target the customers of almost 300 different
organizations in more than 40 countries by automating the theft of online
banking credentials and other confidential information from infected computers.
Over time, Dridex creators updated the malware to install ransomware.
Previously known as Bugat and Cridex, Dridex used zeroday exploits and
malicious attachments in emails to infect targets. The malware was designed to
bypass antivirus and other security defenses.
Yakubets and another alleged Dridex operator, 38-year-old Igor Turashev, also
from Russia, allegedly used the captured banking credentials to order
electronic money transfers from compromised accounts. Prosecutors said the men
funneled the stolen funds into the accounts of money mules who would move the
funds into other accounts or convert them to cash and smuggle it overseas.
Yakubets was the leader of the crime group, prosecutors said. Turashev allegedly
handled a host of roles, including system administration, management of an
internal control panel, and oversight of a botnet that controlled infected
computers.
[...]