WASHINGTON — In a secret 72-hour blitz over the weekend, the FBI, several foreign governments and a host of security firms dismantled what officials say is the most sophisticated operation ever to commandeer private computers and siphon tens of millions of dollars from American bank accounts.
The operation’s alleged Russian ringleader has been indicted on charges of hacking, conspiracy and bank fraud, Justice Department officials said Monday. Evgeniy Bogachev, 30, who goes by the handle “lucky12345,” was the mastermind behind a “botnet,” or network of secretly infected computers whose owners were unaware their machines had been hijacked, officials said.
He also ran a “ransomware” scheme, in which he encrypted victims’ computer files and refused to unlock them until receiving payment, officials said.
Deputy Attorney General James Cole called the botnet, dubbed Gameover Zeus, “the most sophisticated and damaging … we have ever encountered.” Between 500,000 and 1 million computers worldwide were infected, and the losses exceeded $100 million to U.S. victims alone, he said.
Cole said officials had “some sense” of Bogachev’s location but declined to elaborate. “Our goal right now is to find him and bring him into custody,” he said.
Beginning in 2011, Bogachev allegedly used “spearphishing” emails to infect computers with malware. When unwitting computer users clicked on links or attachments, the malicious code would burrow into their machines. The malware enabled Bogachev and others in his ring to watch from Russia as it “intercepted the bank account numbers and passwords that unwitting victims typed into computers” in the United States, said Leslie Caldwell, assistant attorney general for the Justice Department’s criminal division.
In a novel twist, officials said, Bogachev used the botnet to deliver another form of malicious software called Cryptolocker, which encrypted victims’ computer files. It then placed a message on their screens informing them they could unlock their files only after paying a ransom, sometimes up to $700, officials said.
In the first two months of operation, Cole said, the Russian ring collected more than $27 million in ransom payments.