Bring me Evil Corp! US puts out largest ever bounty on a cybercriminal

By Harry Menear
Yesterday, the United States Treasury Department’s Office of Foreign Assets Control (OFAC) officially announced that it has brought charges against th...

Yesterday, the United States Treasury Department’s Office of Foreign Assets Control (OFAC) officially announced that it has brought charges against the Russian hacking organisation known as Evil Corp.

In addition to the charges, the State Department has announced a bounty of $5mn for any party who provides information leading to the arrest of the group’s leader. 

The charges have been laid at the feet of Evil Corp chief, Maksim Yakubets and Igor Turashev, an associate of the group. Yakubets is believed to have ties to the Russian government and, according to OFAC, “provides direct assistance to the Russian government’s malicious cyber efforts, highlighting the Russian government’s enlistment of cybercriminals for its own malicious purposes.” If true, this would be a truly malicious act. 

According to OFAC, Evil Corp was behind the distribution of a piece of malware called Dridex, a piece of code that leverages macros in Microsoft Office in order to infect systems and steal personal information like banking credentials. OFAC estimates that Evil Corp used the Dridex malware to infect computers and harvest login credentials from hundreds of banks and financial institutions in over 40 countries, accounting for over $100mn in theft.  This software has allegedly caused millions of dollars of damage to US and international financial institutions and their customers.


Annually, it’s estimated that cybercrime costs the global economy in excess of $600bn. OFAC - which is working in tandem with the US State Department - believes that Yakubets and Evil Corp have “engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide," Assistant Attorney General Brian Benczkowski said in a statement.

“Treasury is sanctioning Evil Corp as part of a sweeping action against one of the world’s most prolific cybercriminal organizations. This coordinated action is intended to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group,” said Steven T. Mnuchin, Secretary of the Treasury.  “OFAC’s action is part of a multiyear effort with key NATO allies, including the United Kingdom. Our goal is to shut down Evil Corp, deter the distribution of Dridex, target the “money mule” network used to transfer stolen funds, and ultimately to protect our citizens from the group’s criminal activities.” 


Featured Articles

Infosys: European firms struggle to generate gen AI value

Research from Infosys forecasts that European companies will increase their generative AI investments by 115% in the next year, up to US$2.8bn

KPMG appoints Global Head of AI to drive AI strategy

KPMG marks next phase in its AI strategy with appointment of Global Head of AI and launch of global framework for design, build and of use of AI solutions

Google unveils Gemini, its largest and most capable AI model

Google says its Gemini AI model is built from the ground up for multimodality — reasoning seamlessly across text, images, video, audio, and code

Technology key to integrating sustainability into strategies

Digital Transformation

Hitachi Vantara addresses cloud demand with Google Cloud

Cloud Computing

Google delays launch of long-anticipated Gemini AI model

AI & Machine Learning