13.06.2024
4 min
1266
We are talking about the hacker Yevhen Bogachov, who is one of the most wanted cybercriminals in the world. The FBI accuses him of creating and distributing the ZeuS malware, which was used to steal bank data and money. Bogachev is also suspected of cooperating with Russian special services and influencing the presidential elections in the United States.
Technologies continue to develop, and with them, methods of hacking and information theft. Thousands of people are engaged in the development of malicious software, but few of them are as skilled as Yevhen Bogachev. Bogachev is the FBI’s No. 1 cybercriminal, and a $3 million reward is being offered for his arrest. This is the largest reward the FBI has ever offered for information on the location of a cybercriminal or perpetrator.
The FBI accuses Bogachev of infecting individual and corporate computers and computer networks with malicious software. The goal is to steal thousands and millions of dollars from the victims’ bank accounts. According to FBI investigators, it makes no difference to Bogachev whether his target is a government organization or a minority group. If there is money somewhere, Bogachev will come for it.
Bogachev is also accused along with other “associates” of influencing the presidential elections in the USA. The former president of the country, Barack Obama, introduced sanctions against the alleged criminals. According to law enforcement officers, Evgeny himself may not be involved in hacking the servers of the US Democratic Party. However, the exploits and other software tools he created were used in the hacking process.
A New York Times reporter claimed that Bogachev had access to data stored on millions of computers. These are home systems that stored vacation photos, computers of various companies, confidential data stored on disks and servers of government organizations. The representative of mass media stated that there is no doubt that Bogachev infected the computers of various government organizations in different countries.
Fox-IT information security experts claim that Russian special services are mainly interested in data about the situation in Ukraine and the war in Syria. However, they are also trying to get sensitive information from US government computers.
According to the FBI, Bokhachev became a major figure in the world of cybercrime more than a decade ago, when he and his “colleagues” developed the ZeuS malware. The software appeared in 2006 (or 2007, according to some sources). An example of software designed to carry out illegal activities, the main purpose of Zeus is to steal user credentials that are used for financial transactions; in 2012, analysts claimed that Zeus was involved in 90% of fraudulent transactions worldwide.
Zeus infects computers and creates botnets. Moreover, Zeus is not one giant botnet, but hundreds and thousands of small and medium-sized infected systems. In fact, the creators are selling Zeus to people who have the money and are willing to spend it to purchase such specialized software. The system consists of a builder and an administration panel. The executable code of the robot is created by the builder and contains a main module and a configuration file containing the address of the control center, the path to the script and other important data necessary for the virus to work.
Because the system has a high degree of protection against detection, Zeus operators were able to bypass the bank’s state-of-the-art security systems and infect new computers and computer networks around the world. The FBI says that at the time Zeus was created, the FBI says that at the time Zeus was created, it was the most sophisticated cyber-system ever created for stealing funds, and that it has not been able to be taken down for several years.
The American side believes that Bogachev has accumulated a huge amount of money over the years, which he spent on real estate and expensive cars in various countries. It is alleged that he had three passports in different names, which allowed the cybercriminal to travel unhindered; at the peak of Zeus activity, Bogachov had from 500,000 to a million infected computers at his disposal.
It is also known that Bogachev used the nicknames slavik, lucky12345 and pollingsoon. By the way, slavik was the operator of the first version of Zeus. Keith Mularsky of the FBI claims that Bogachov is paranoid about his work and doesn’t trust anyone.
In 2014, the United States, with the help of 10 other countries, conducted Operation Tovar, which allowed law enforcement to stop the spread of Zeus and clean thousands of computers of malware. It was then that Bogachov was found guilty of a number of cybercrimes, including the theft of information and money through the use of malware functionality, Mullarkey says.
According to the FBI, requests for information about the situation in eastern Ukraine, actions in Syria and the conflict between Georgia and Turkey began to arrive on a computer controlled by Bogachov in 2011. An American expert who studied this case claims that it is impossible to determine the author of the requests. At the same time, they claim that these actions are in no way related to Bogachov’s specialization – financial embezzlement – and that the requests, therefore, were sent by outsiders who were interested in information, not money.
Infected computers in different regions received unusual requests. For example, after the US government agreed to supply a small amount of weapons to Syrian rebels in 2013, infected systems in Turkey began receiving requests such as “weapons supply”; specific requests were also sent to infected computers in other regions, for example, during the incident in Ukraine in 2014. It is noteworthy that the American experts did not say how exactly they tracked which requests were sent to infected computers in different countries.
The FBI believes that Russian secret services are hiring black hat hackers on various forums and sites dedicated to carding and other similar issues. One such resource is Carding World, which, according to the NYT, can even ban users who violate its rules for life.
Representatives of the FBI have repeatedly tried to establish cooperation with the FSB in order to catch criminals engaged in financial fraud and carding. However, in reality, cooperation was rarely established: on one occasion, according to the FBI, an attacker, whom the department suspects of committing a number of cybercrimes, sent a copy of his passport to an alleged representative of Russian intelligence.
The most interesting thing is that, according to the FBI, Bogachev lived and continues to live underground. His permanent place of residence is Anapa. Here he rents an apartment in a house on the coast. He also bought an apartment in Moscow. The cybercriminal also owns a large number of luxury cars and yachts.
American law enforcement agencies received a large amount of information about Bogachev from other “caught” cybercriminals. One such person is Oleksandr Panin, who is serving time in a prison in the state of Kentucky, USA. This person told the FBI that Bogachev often complained about being tired from work and that he did not spend much time with his family (wife and two children).
One can only guess about Bogachev’s real activities: some media, including USA Today, believe that he is not a lone genius of the criminal world, but the head of a criminal clan that specializes mainly in cybercrimes, stealing money from victims’ accounts.
The sanctions list signed by President Obama also includes Oleksiy Belan, who, according to the FBI, along with Bokhachev stole customer databases of various companies. The head of administration Ihor Korobov, his first deputy Ihor Kostyuchkov, Volodymyr Alekseev and his deputy Serhiy Gizunov were also included in the list.
