WASHINGTON (KDKA/AP) – A Russian computer hacker is accused of leading a worldwide conspiracy that targeted hundreds of thousands of computers with malware that enabled his group to steal more than $100 million from business and other bank accounts.
Criminal and civil allegations have been filed in Pittsburgh against the man, Evgeniy Bogachev. The documents are filed there because some of the victims are from western Pennsylvania.
U.S. authorities say Bogachev’s group infected computers with software that captured passwords and account numbers and stole millions of dollars from victims.
The members of the gang come from Russia, Ukraine and the United Kingdom.
The Justice Department scheduled a news conference Monday to discuss the charges. They come weeks after authorities revealed cyberespionage charges against five Chinese army hackers accused of stealing trade secrets from American firms.
“I would suggest that if you use a computer the information that we are providing to you today is very important,” said US Attorney David Hickton.
Among Bogachev’s hacking scheme tools was malware known as Gameover Zeus.
“Frequently targeting the computers of small and mid size businesses, the Gameover Zeus software intercepts passwords, and other private information that can be used to conduct wire transfers, and then initiates or redirects wire transfers from victims bank accounts to foreign bank accounts controlled by the criminals,” said Assistant US Attorney General James Cole.
The scheme also employed malware called “Cryptolocker” that helped. An Erie company called Haysite Reinforced Plastics was defrauded out of hundreds of thousands of dollars. Typically Cryptolocker holds encrypted information hostage, demanding payment to get it back.
So will Bogachev be tried in federal court in Pittsburgh?
Authorities say they’re still working on an arrest.
U.S. Attorney Hickton joined the KDKA Morning News to talk about Bogachev, as well as the virus’ Gameover Zeus and Cryptolocker.
Hickton gave some advice on avoiding having your personal information stolen.
He says, “if there was one thing I would tell [people] to do, it would be regularly change your password on a monthly basis.”
For more tips on how to avoid being a victim of a cyber-attack visit: http://www.us-cert.gov/ncas/alerts/TA14-150A.