U.S. Offers $3 Million Reward for Russian Cybercriminal
Posted on February 24, 2015 by Kara Dunlap in Security
U.S. Offers $3 Million Reward for Russian Sought in Bank Hack
Washington – The United States on Tuesday offered a $3 million reward for information to apprehend a Russian national sought in a major hacking enterprise that stole some $100 million.
The State Department made the announcement of the reward for information on Evgeniy Mikhailovich Bogachev, believed to be the administrator of the group that created the “GameOver Zeus” malware that enabled thieves to break into bank accounts in 12 countries.
Bogachev is already on the FBI “cyber’s most wanted” list and is believed to be living in Russia.
“This reward offer reaffirms the commitment of the US government to bring those who participate in organized crime to justice, whether they hide online or overseas,” a State Department statement said.
Bogachev was charged last year with 14 counts including conspiracy, computer hacking, bank fraud and money laundering, after the FBI said it dismantled the operation with the help of technology companies such as Microsoft and Symantec.
According to investigators, the scheme used emails to infect up to one million computers, which could then be controlled by the hackers to gain bank login credentials to steal funds.
Some security experts said the malware re-emerged shortly after the FBI action.
Russian Hackers Obtained 1.2 Billion Passwords: Report
Posted on August 5, 2014 by Kara Dunlap in Security
A Russian hacker group has obtained an estimated 1.2 billion Internet credentials collected from various websites around the world, Nicole Perlroth and David Gelles of the New York Times reported Tuesday.
According to data provided to the newspaper by Hold Security, user names and passwords were stolen from roughly 420,000 websites of all different sizes. According to the report, the hackers also gained access to 500 million email addresses.
“Hackers did not just target U.S. companies, they targeted any website they could get, ranging from Fortune 500 companies to very small websites,” Alex Holden, founder and chief information security officer of Hold Security, told the Times.
Most of the sites that the hackers pillaged are still vulnerable, Holden said. The Times said the group is based in a small city in south central Russia and includes fewer than a dozen men in their 20s “who know one another personally — not just virtually.”
“This issue reminds me of an iceberg, where 90 percent of it is actually underwater,” John Prisco, CEO of Triumfant, told SecurityWeek in an emailed statement. “That’s what is going on here with the news of 1.2 billion credentials exposed. So many cyber breaches today are not actually reported, often times because companies are losing information and they are not even aware of it.”
“Today, we have learned of a huge issue where it seems like billion passwords were stolen overnight, but in reality the iceberg has been mostly submerged for years – crime rings have been stealing information for years, they’ve just been doing it undetected because there hasn’t been a concerted effort on the part of companies entrusted with this information to protect it,” Prisco continued.
An Urgent Call for Two-factor Authentication
Eric Cowperthwaite, vice president, advanced security & strategy at Core Security, explained that this is another example of the pressing need for users and companies to leverage two-factor authentication.
“Companies need to transition to two-factor authentication,” Cowperthwaite said. “Companies such as Facebook and Twitter have finally started offering two-factor authentication, but the bottom line is that most users aren’t taking advantage of it.”
“Banks, as a standard practice, should absolutely be using two-factor authentication,” Cowperthwaite added. “They have a certain amount of loss from fraud built into their operating model – they just accept that it will happen. This acceptance is a shame since there are many simple ways to reduce those costs significantly.”
Holden told the Times that his team has started to alert victimized companies of breaches, but had been unable to reach every website. He also said that Hold Security was working to develop an online tool that enables users to test and see if their personal information is in the database.
“Russian cyber gangs are known for breaking in to steal whatever they can as quickly as possible,” said Joshua Roback, Security Architect, SilverSky. “We should expect to see these accounts for sale on underground forums before the week is through.”
“Understanding why passwords are so valuable to hackers can both explain and prepare enterprises to deal with potential security vulnerabilities,” SecurityWeek columnist Gil Zimmermann noted in a December 2013 column. “There are potentially hundreds of uses for stolen passwords once they are obtained.”
While not close to the scope of this recently disclosed discovery, Germany’s Federal Office for Online Security (BSI) warned Internet users in January that cybercriminals had obtained a list of 16 million email addresses and passwords.