The New York Times tried to find him.
The New York Times spoke to a variety of people – government officials, research organizations, lawyers and even hackers – in an attempt to learn more about Russian hacker Evgeny Bogachev, whom the FBI accuses of numerous cybercrimes in the United States. The U.S. is promising $3 million for his capture, the largest amount ever for the extradition of a man who has stolen hundreds of millions of dollars from bank accounts around the world by hacking into computers. But the FBI is more concerned by its suspicion that Evgeny Bogachev is being used by Russian intelligence services to extract classified information from the computers he hacked, and that this cooperation is mutually beneficial.
In the United States, 33-year-old Russian Evgeny Bogachev is accused of numerous cases of hacking into the computer networks of various organizations and banks and stealing hundreds of millions of dollars from bank accounts. For his capture, the U.S. authorities promise a reward of $3 million – no such reward has yet been offered for any other hacker in the world, reports The New York Times. In December, Evgeny Bogachev’s name appeared on the list of Russian citizens and organizations against whom the Obama administration imposed sanctions for involvement in interference in the U.S. presidential election. However, in conversation with the NYT, law enforcement officials clarified that he was included in the list for his criminal offenses, and not for the hacking of the servers of the Democratic National Committee, of which certain Russian hackers are accused.
Evgeny Bogachev’s hacking career, according to the FBI, began more than a decade ago. He and several friends developed the GameOver ZeuS malware program. They used it to bypass the most sophisticated computer security systems in banks and infect more and more computers around the world. According to FBI officials, it was the most advanced embezzlement scheme known to them, and for years it was impossible to destroy. It allowed Evgeny Bogachev to amass a huge fortune. At one time he allegedly had two villas in France and a whole fleet of cars in different European cities, so that when traveling there he did not have to rent cars. This was reported to the NYT by a Ukrainian law enforcement officer. In addition, Evgeny Bogachev allegedly had three passports in different names to travel freely. According to U.S. intelligence agencies, at the height of this illegal scheme, Evgeny Bogachev had between 500,000 and 1 million computers under his control. It was only in the summer of 2014 that the FBI and law enforcement agencies of more than a dozen countries managed to stop the spread of the malware and clean the infected computers.
However, American authorities are more concerned not that Evgeny Bogachev is emptying bank accounts, but that his work is most likely being used by Russian intelligence services. Control over 1 million computers in several countries means access not only to bank data or innocuous personal photo archives and correspondence, but also to sensitive information. And while Evgeny Bogachev was stealing money, Russian authorities were standing behind him, the NYT wrote, searching the same computers for valuable information. In essence, law enforcement officials explained to the NYT, the authorities were using a large-scale criminal scheme to conduct their intelligence operation without bothering to do the hard work of hacking into computer networks. As data collected by U.S. intelligence agencies and Fox-IT, a company specializing in cybersecurity measures, show, the Russian side was very interested in, for example, information about the situation in eastern Ukraine, U.S. arms supplies to Syrian rebels, the participation of Russian mercenaries in the fighting in Syria, personal data of security officials in Georgia and Turkey, etc. Requests for such information, according to Fox-IT, began to arrive on computers controlled by Evgeny Bogachev around the beginning of 2011. Cybersecurity experts who have studied these cases and are familiar with Bogachev’s case say it is impossible to determine exactly who was sending these requests. However, they say, the requests are so unrelated to the embezzlement and fraud that Evgeny Bogachev specializes in that there can be no motive here other than espionage. Among the hacked computers, U.S. authorities believe, were almost certainly those of government officials. “There were so many computers infected that I would say it’s very likely that among them were computers of employees of U.S. and foreign government agencies,” Brett Stone-Gross, a cybersecurity analyst who studied GameOver ZeuS, told the NYT.
As the NYT notes, the FBI at one time had high hopes that it would be able to track down and apprehend Russian hackers stealing Americans’ money in joint operations with the FSB. But it never came to that. And then there were suspicions that Russian authorities were recruiting the very people the FBI was beginning to prosecute for cybercrimes. “Almost all hackers indicted by the U.S. government were immediately sought out by the Russian government,” Arkady Bukh, a New York lawyer who regularly represents Russian hackers who are arrested in the U.S., told the NYT, “and each time they were asked to provide logistical and technical assistance.”
Proving a link between cybercrime and Russian intelligence is difficult, although many in the U.S. say such a link exists. However, as Austin Berglas told the NYT, FBI agents monitoring activity on an infected computer were once surprised to witness a hacker (the subject of their investigation) send a copy of his passport to a man the FBI believed to be a Russian intelligence officer. That is, the FBI suggested, this suspect was clearly being recruited or protected.
Investigative authorities told the NYT that they are negotiating with the Russian government to extradite Evgeny Bogachev, but this has so far come to nothing. According to U.S. intelligence agencies, the cybercriminal’s mutually beneficial cooperation with Russian intelligence services allows him to live quite freely in Russia. He lives under his own name in Anapa, has a large apartment by the sea (and allegedly another one in Moscow), a collection of expensive cars and his favorite Jeep Grand Cherokee. He regularly sails his yacht to the Crimea.
From conversations with people who personally or indirectly know Evgeny Bogachev, the NYT tried to understand what kind of person he is. The newspaper spoke to another Russian hacker, Alexander Panin, who is serving time in a Kentucky prison for bank fraud and who knows Evgeny Bogachev. According to Alexander Panin, Evgeny Bogachev regularly complained in online conversations of fatigue and “lack of time for his family.” “As far as I remember, he talked about his wife and two children,” Alexander Panin reported. According to FBI employee Keith Mularski, who led the investigation into Evgeny Bogachev that culminated in charges in 2014, Bogachev was paranoid: he “didn’t trust anyone.”
A dossier on Evgeny Bogachev held by the Ukrainian Interior Ministry (it helped the FBI track the hacker’s movements) states that he “works under the supervision of a special department of the FSB.” The newspaper did not receive a response from the Russian FSB to its request on this matter. The fact that Evgeny Bogachev remains at large is “the most powerful argument” to prove his connection to Russian authorities, according to Austin Berglas, a former special agent in charge of cyber investigations at the FBI. Hackers like him, Mr. Berglas says, are “working part-time,” “doing the bidding of Russian intelligence, whether for economic espionage or conventional espionage.”
Source: https://www.kommersant.ru/doc/3240972