The Full Story of How Russian Hackers Stole $100M from US Banks


Winston. I

7/10/2024


In the dark world of cybercrime, one notorious Russian hacker, Yevgeny Bogachev, stands behind one of the most sophisticated and profitable malware schemes ever uncovered. The operation stole more than $100 million from Western banks and exposed the complex relationship between Russian cybercriminals and state intelligence agencies.

It's the story of how Bogachev, aka "Slavic," and his syndicate, known as "The Business Club," pulled off these high-stakes cyber heists, and how they have managed to evade capture with likely help from the Russian government.

The Cyber Heists Begin

It all started with the deployment of an extremely advanced piece of malware called "Game Over Zeus." It infected over a million computers worldwide, creating a botnet: a network of compromised computers that could be controlled remotely. The infected computers became the gang's tools for robbing more than 150 banks around the world.

Unlike most cyber-robberies, which usually target small sums, this gang aimed big, focusing on wire transfers of $100,000 or more.

The capabilities of the malware were mind-boggling. Among other things, it let the hackers harvest banking credentials, steal passwords, and execute large wire transfers with ease. The stolen money was then laundered through a dizzyingly complex web of accounts to obscure its trail, making it almost impossible to trace back to the culprits.

The Mastermind: Yevgeny Bogachev

At the center of this operation was Yevgeny Bogachev, a hacker with impressive technical acumen and a criminal bent. Known throughout the cyber underworld as "Slavic," Bogachev was the mastermind who assembled a team of specialists to carry out his scheme. Each member of "The Business Club" had a specialized role: some maintained the malware infrastructure, others built the tools to extract money, and others set up accounts to receive the stolen funds.

These two components, Bogachev's leadership and the gang's expertise, made them a formidable force in cybercrime. As his prominence grew, so did his notoriety. The FBI recognized the scale of his operations and the danger he posed, placing him at the top of its Most Wanted cybercriminals list with a $3 million bounty for information leading to his arrest.

The FBI's Investigation

The FBI's Pittsburgh office, which specialized in cybercrime investigations, took the lead in taking down Game Over Zeus. Special Agent Scott Smith headed the case and discovered an extraordinarily far-flung piece of malware built on very advanced methods. Not long into the probe, investigators uncovered a crucial non-financial aspect of the malware: it wasn't just about theft but had an espionage component as well.

A Dutch security firm, Fox-IT, was able to take Game Over Zeus apart and uncover its hidden surveillance capability: search terms and commands for spying on foreign ministries and intelligence agencies had been built directly into the malware's code, not the kind of thing ordinary cybercriminals look for. All of these targets fall within the purview of the FSB, Russia's state security service and the successor to the KGB, which points to a deeper, more sinister collaboration between Bogachev's gang and Russian intelligence.

The Murky Relationship with Russian Intelligence

The relationship between Russian cybercriminals and state intelligence agencies is convoluted and often obscure. In Russia, hacking Americans is sometimes seen as a patriotic act, and hackers may be admired for their skill and their perceived defiance of a former enemy. In this cultural landscape, it is easier to recruit top cybercriminal talent and retain it under state protection.

The case of Bogachev epitomizes this relationship. Despite the efforts of the Federal Bureau of Investigation and the $3 million reward for information leading to his capture, Bogachev remains elusive. It is widely believed that he enjoys the protection of Russian intelligence. Reports say he may even have resorted to plastic surgery to avoid identification. The situation is further complicated by the Russian government's reluctance to cooperate with international efforts to arrest him.

Life in the Shadows

Bogachev's story has become legendary as he lives a life of luxury in southern Russia. To some in the Russian cyber community, he is a hero who stands up against American dominance of cyberspace, a view shared by many ordinary Russians and even by journalists who cover the hacking scene.

Andrei Soldatov, BBC Moscow correspondent and an investigator of troll farms, offered insight into Russia's hacker culture. He said Bogachev is widely admired for his intellect and considered cunning, and that hacking Americans is a way of proving that Russians are strong and technologically superior.

The Hacker Marketplace

The lines between criminal activity and state-sponsored operations are blurred in Russia. What would conventionally be described as a "black market" for hacking services functions more like a free market in which anyone, whether an individual, a group, or the government itself, can hire cybercriminals for a specific task. All of this happens with impunity as long as the hackers do not act against Russian institutions. It allows an entire underground economy of cybercrime to thrive in an unregulated environment, where hackers openly advertise services for fraud, espionage, or other illegal activities. This works in favor of the Russian government: it provides a talent pool to draw on when state purposes call for it, and plausible deniability for attacks that do get traced.

Kaspersky Lab and Cybersecurity in Russia

Though Russia is known for some of the world's most notorious hackers, it is also home to top cybersecurity experts. The Moscow-based cybersecurity company Kaspersky Lab frequently collaborates with Russian law enforcement in investigating cybercrime. The company's boss, Eugene Kaspersky, made his name with leading anti-malware technology and a genius-for-genius's-sake persona. Kaspersky Lab monitors many of the cybercriminal gangs that come from Russian-speaking countries, and its researchers are very good at producing important intelligence from those investigations. However, even they found Bogachev incredibly hard to catch. The best hackers can remain invisible for years at a time, and without local victims there is little that local law enforcement can do.

The Enduring Mystery of Bogachev

Of all the figures in cybercrime, few are more elusive than Yevgeny Bogachev. With a multi-million-dollar bounty on his head and international efforts in place to track him down, he somehow keeps slipping through the hands of justice. His continued ability to disappear, probably while on the full-time payroll of the Russian government, only adds to the mystique around him.

The story of Bogachev and Game Over Zeus shows that cybercrime is constantly evolving, along with the complicated links between hackers and state intelligence agencies. It underlines how difficult it is for international law enforcement to hold cybercriminals accountable when they operate and hide under the protection of powerful governments. The story of Yevgeny Bogachev and his cyber team is an intriguingly convoluted tale that gives insight into the shadowy world of computer crime and the strategic use of hacking talent by states. Understanding these dynamics is essential to developing appropriate countermeasures and securing the global financial system against such attacks.