Skip to content ↓ | Skip to navigation ↓

The State of Security’s countdown of the FBI’s 10 most-wanted black-hat hackers is nearly over. Just two criminals remain. At number two is Evgeniy Mikhailovich Bogachev, the leader of a cybercrime ring responsible for writing and promulgating Gameover Zeus.

On 22 August 2012, a federal grand jury in Nebraska indicted Bogachev on several charges, including conspiracy to commit bank fraud, computer fraud and identity theft.

Later, a United States District Court for the Western District of Pennsylvania filed a separate indictment on 19 May 2014, charging him with computer fraud, bank fraud, money laundering and wire fraud, among other charges.

Finally, a third indictment only a week or two thereafter linked Bogachev to his nickname “lucky12345” and charged him with additional counts of conspiracy to commit bank fraud.

According to his May 19 indictment, Bogachev and co-conspirators based in the UK, Russia and Ukraine began sending out phishing emails in the fall of 2011. When users clicked on these malicious links, they unknowingly downloaded Gameover Zeus, a form of malware which the FBI and the European Cybercrime Centre (EC3) took down in the spring of 2014. Bogachev in turn used Gameover Zeus as a means to distribute Cryptolocker, ransomware which encrypts an infected computer’s files and issues a ransom demand for the decryption key.

As a result of this two-pronged attack combining Gameover Zeus and Cryptolocker, the criminal succeeded in stealing $100 million, including tens of millions of dollars transferred to overseas bank accounts via illegal wire transfers.

As of this writing, the author of Gameover Zeus remains at large. Bogachev’s last known place of residence was Anapa, Russia. At one time, he owned property in Krasnodar, Russia and was known to travel to different locations along the coast of the Black Sea.

The U.S. government is offering $3 million for information that leads to Bogachev’s arrest.

You can read about some other black-hat hackers wanted by the FBI below: