‘The most significant cybercrime threat to the UK’ – authorities indict Evil Corp kingpin

Written by Sam Trendall on 16 December 2019 in News
News

Reward of $5m offered for Maksim Yakubets

Credit: Crown Copyright

The head of a criminal group that poses “the most significant cybercrime threat to the UK” has been indicted on hacking and fraud charges.

Ukraine-born Maksim Yakubets – who now holds Russian citizenship – leads Evil Corp, which the National Crime Agency describes as “the world’s most harmful cyber group”. The charges brought against him follow a five-year international investigation that saw “unprecedented collaboration” between the NCA, the National Cyber Security Centre, and the FBI.

The 32-year-old cyber kingpin is now facing federal charges of conspiracy, conspiracy to commit fraud, wire fraud, bank fraud, and intentional damage to a computer. A reward of $5m is offered for information leading to his arrest – the highest such amount ever offered for a cybercriminal.

According to the NCA, the crimes perpetrated by the Moscow-based group span from 2009 to the present day. Its most high-profile attacks include those powered by the Dridex trojan, which is designed to steal banking credentials.


Related content


Evil Corp runs a “network of money launderers who have funnelled profits back” to the organisation, the NCA said.

The malware spread by the hacking group has caused “financial losses totalling hundreds of millions of pounds in the UK alone”, the crime agency added.

Lynne Owens, director general of the NCA, said: “The significance of this group of cybercriminals is hard to overstate; they have been responsible for campaigns targeting our financial structures with multiple strains of malware over the last decade. We are unlikely to ever know the full cost, but the impact on the UK alone is assessed to run into the hundreds of millions.” 

She added: “While the harm caused by this group has targeted mainly financial institutions, there is no doubt that their activity has had real world impacts, defrauding and stealing from victims in the UK and worldwide. The Lamborghini Yakubets drives was someone’s life savings, now emptied from their bank account.”
The car in question – which is pictured in the collage above and reportedly bears a personalised number plate that translates as ‘Thief’ – typifies what authorities claimed is a luxurious lifestyle. The cybercrime chief spent more than £250,000 on a lavish wedding, according to the NCA.

But the indictments, which will result in Yakubets’ arrest if he is ever apprehended outside Russia, will hamper his activities, authorities said. Not only will the hacking boss, who goes by the online pseudonym Aqua, face much greater international scrutiny, but “other criminals… will find him toxic to deal with”.

Paul Chichester, NCSC operations director, said: “[This] announcement is the result of a multi-year investigation with our law enforcement and international partners. Dridex has been targeting UK victims since at least 2014, compromising and stealing from large organisations, SMEs and the general public. Malware is a continuing cyberthreat but we can all reduce our risk of becoming victims to cyber criminals by ensuring our devices are patched, anti-virus is turned on and up to date and files are backed up.”

 

About the author

Sam Trendall is editor of PublicTechnology

Share this page

Tags

Categories

CONTRIBUTIONS FROM READERS

Please login to post a comment or register for a free account.

Related Articles

‘We speak civil service, but we speak private sector too’ – JSaRC head Angela Essel on government’s ‘bilingual’ approach to national security
21 February 2020

The Home Office’s Joint Security and Resilience Centre helps government work with industry to meet the UK’s security challenges. We talk to new head Angela Essel about why ‘heated discussions’...

Why government is ‘failing’ on AI openness
17 February 2020

The body dedicated to upholding ethical standards across the public sector has published a major report examining how to ensure those standards are not threatened by AI and automation

Regulators issue warning over police use of facial recognition
27 January 2020

Biometrics and information commissioners remind Met Police that questions remain over both legal footing and public sentiment