Moscow's spies piggyback on hacker's operations

Mr Evgeniy Bogachev is said to be the brains behind a network of virus-infected computers used to extract hundreds of millions of dollars from bank accounts globally.
Mr Evgeniy Bogachev is said to be the brains behind a network of virus-infected computers used to extract hundreds of millions of dollars from bank accounts globally.PHOTO: NYTIMES

Russian cyber thief's vast trove of data tapped by his country's spies

NEW YORK • To the FBI, Mr Evgeniy Bogachev is the most wanted cyber criminal in the world. The Federal Bureau of Investigation has announced a US$3 million (S$4.2 million) bounty for his capture, the most for computer crimes.

But it is clear that for Russia, he is more than just a criminal.

For while he was draining bank accounts, it seems the Russian authorities were looking over his shoulder, searching the same computers for files and e-mails.

In effect, they were grafting an intelligence operation onto a far- reaching, cyber criminal scheme, without the hard work of hacking into the computers themselves.

Mr Bogachev has been indicted in the United States, accused of creating a sprawling network of virus- infected computers to syphon hundreds of millions of dollars from bank accounts worldwide, targeting anyone with enough money worth stealing - from a pest control company in North Carolina to a police department in Massachusetts to a Native American tribe in Washington.

  • $4.2m

  • Bounty for the capture of Mr Evgeniy Bogachev, the most wanted cyber criminal in the world. It is the most for computer crimes.

Last December, the Obama administration announced sanctions against Mr Bogachev and five others in response to intelligence agencies' conclusions that Russia had meddled in the US presidential election. Publicly, law enforcement officials said it was his criminal exploits that landed Mr Bogachev on the sanctions list, not any specific role in the hacking of the Democratic National Committee.

At one point, he had control over as many as one million computers in multiple countries, with possible access to everything from family vacation photos and term papers to business proposals and highly confidential personal information.

It is almost certain that computers belonging to government officials and contractors in several nations were infected too.

For Russia's surveillance-obsessed intelligence community, Mr Bogachev's exploits may have created an irresistible opportunity for espionage.

The Russians were particularly interested in information from military and intelligence services regarding fighting in eastern Ukraine and the war in Syria, according to law enforcement officials and cyber security firm Fox-IT.

But there also appear to have been attempts to gain access to military and intelligence information via infected computers in the US, often consisting of searches for documents containing the words "top secret" or "Department of Defence".

The FBI has long been stymied in efforts to catch Russian cyber criminals. For a time, the FBI had high hopes that its agents and Russian investigators would work together to target Russian thieves who had made a speciality of stealing Americans' credit card information and breaking into their bank accounts. But help rarely seemed to materialise.

After a while, agents began to worry that the Russian authorities were recruiting the very suspects that the FBI was pursuing.

"Almost all the hackers who have been announced by the US government through indictments are immediately tracked by the Russian government," said Mr Arkady Bukh, a New York-based lawyer who often represents Russian hackers.

The Russian government has plenty of cyberspace tools.

But the piggybacking on Mr Bogachev's activities offers some clues to the breadth and creativity of Russia's espionage efforts at a time when the US and Europe are scrambling to counter increasingly sophisticated cyber attacks.

Mr Bogachev, 33, is hardly a man on the run. FBI officials say he lives openly in Anapa, a rundown Black Sea resort town in southern Russia.

He has a large apartment there and possibly another in Moscow, officials note, as well as a collection of luxury cars and a yacht.

Beyond that, even close business associates have never met him in person or knew his real name.

"He was very, very paranoid," said Mr Keith Mularski, an FBI supervisor whose investigation of Mr Bogachev led to an indictment in 2014. "He didn't trust anybody."

Russia does not have an extradition treaty with the US, and Russian officials say that so long as Mr Bogachev has not committed a crime on Russian territory, there are no grounds to arrest him.


A version of this article appeared in the print edition of The Straits Times on March 14, 2017, with the headline 'Moscow's spies piggyback on hacker's operations'. Print Edition | Subscribe