‘The most significant cybercrime threat to the UK’ – authorities indict Evil Corp kingpin
Reward of $5m offered for Maksim Yakubets
Credit: Crown Copyright
The head of a criminal group that poses “the most significant cybercrime threat to the UK” has been indicted on hacking and fraud charges.
Ukraine-born Maksim Yakubets – who now holds Russian citizenship – leads Evil Corp, which the National Crime Agency describes as “the world’s most harmful cyber group”. The charges brought against him follow a five-year international investigation that saw “unprecedented collaboration” between the NCA, the National Cyber Security Centre, and the FBI.
The 32-year-old cyber kingpin is now facing federal charges of conspiracy, conspiracy to commit fraud, wire fraud, bank fraud, and intentional damage to a computer. A reward of $5m is offered for information leading to his arrest – the highest such amount ever offered for a cybercriminal.
According to the NCA, the crimes perpetrated by the Moscow-based group span from 2009 to the present day. Its most high-profile attacks include those powered by the Dridex trojan, which is designed to steal banking credentials.
Evil Corp runs a “network of money launderers who have funnelled profits back” to the organisation, the NCA said.
The malware spread by the hacking group has caused “financial losses totalling hundreds of millions of pounds in the UK alone”, the crime agency added.
Lynne Owens, director general of the NCA, said: “The significance of this group of cybercriminals is hard to overstate; they have been responsible for campaigns targeting our financial structures with multiple strains of malware over the last decade. We are unlikely to ever know the full cost, but the impact on the UK alone is assessed to run into the hundreds of millions.”
She added: “While the harm caused by this group has targeted mainly financial institutions, there is no doubt that their activity has had real world impacts, defrauding and stealing from victims in the UK and worldwide. The Lamborghini Yakubets drives was someone’s life savings, now emptied from their bank account.”
The car in question – which is pictured in the collage above and reportedly bears a personalised number plate that translates as ‘Thief’ – typifies what authorities claim is a luxurious lifestyle. The cybercrime chief spent more than £250,000 on a lavish wedding, according to the NCA.
But the indictments, which will result in Yakubets’ arrest if he is ever apprehended outside Russia, will hamper his activities, authorities said. Not only will the hacking boss, who goes by the online pseudonym Aqua, face much greater international scrutiny, but “other criminals… will find him toxic to deal with”.
Paul Chichester, NCSC operations director, said: “[This] announcement is the result of a multi-year investigation with our law enforcement and international partners. Dridex has been targeting UK victims since at least 2014, compromising and stealing from large organisations, SMEs and the general public. Malware is a continuing cyberthreat but we can all reduce our risk of becoming victims to cyber criminals by ensuring our devices are patched, anti-virus is turned on and up to date and files are backed up.”