US, UK Governments Unite to Indict Hacker Behind Dreaded Dridex Malware

Maksim Yakubets, who allegedly runs Russia-based Evil Corp, the cybercriminal organization that developed and distributed banking malware Dridex, has been indicted in the United States by the U.S. Treasury Department’s Office of Foreign Assets Control (OFAC).

According to a press release published by the U.S. Department of Justice, the indictment follows a collaborative effort between the U.K.’s National Crime Agency (NCA), the National Cyber Security Centre, and the United States’ FBI.

In a separate announcement introducing new sanctions against Yakubets, Treasury Secretary Steven Mnuchin said that this effort is “intended to disrupt the massive phishing campaigns orchestrated by this Russian-based hacker group.”

Evil Corp infected computers with Dridex to gather login credentials from banks and financial institutions in over 40 countries, notoriously causing millions of dollars in losses to individuals and businesses alike. Dridex has also been known to distribute ransomware.

[Related: URSNIF, EMOTET, DRIDEX and BitPaymer Gangs Linked by a Similar Loader]

In addition to Dridex, Yakubets also allegedly used Zeus malware to siphon off over US$70 million from victims’ bank accounts. The State Department has posted a US$5 million reward for information related to the capture of Yakubets. This is the largest reward ever offered for the capture of a cybercriminal.

Security recommendations against phishing

Phishing has been around for years, but it’s still an effective method used to steal information. Users can adopt these best practices to identify and avoid phishing attacks.

  • Examine emails for grammatical errors and spelling mistakes, which are red flags.
  • Check the URLs of links used in the email; hovering over the URL or link might reveal a different website address.
  • Verify the sender’s identity; phishing attacks commonly use spoofed (or hacked) email addresses of persons or organizations that you recognize.
  • Be cautious of emails from individuals or organizations that ask for personal information.
  • Be wary of emails that call for urgent action or have an alarmist tone.

Organizations, for their part, can adopt advanced technologies to defend against phishing attacks. Trend Micro™ Cloud App Security, which detected and blocked 2.4 million credential phishing attacks in the first half of 2019, uses artificial intelligence (AI) and computer vision technology to help detect and block phishing attacks that use brand impersonation by checking whether a legitimate login page’s branded elements, login form, and other website components are being spoofed.

