Євгеній Богачов

Yevhen Bohachev

Evgeny Bogachev: The world’s most wanted hacker

Yevgeny Mikhailovich Bogachev, known by the aliases “Slavik”, “Pollingsoon” and “Lucky12345”, has been evading justice for over 13 years. His name came to light in 2011 when the world learned about large-scale cyberattacks organized by him and his criminal group.

Early life and beginning of criminal activity

Yevhen Bohachev was born on October 28, 1983 in Donetsk, Ukraine, but since 2009 he has been living in Anapa, Russia. He is also known to own real estate in Krasnodar. In the spring of 2009, FBI agents discovered that significant amounts of money had begun to disappear from the accounts of large companies in the United States. The investigation revealed that the computers of these companies were infected with a virus called ZeuS. This Trojan, created by Bogachev, was extremely effective at stealing bank details and other sensitive information.

Methodology

The hackers used fake mailboxes, pretending to be courier companies or US tax authorities. They sent out emails with malicious links, and gullible company employees clicked on these links, downloading the ZeuS virus. This gave the criminals access to bank details and other important information. The infected computers were then joined to the botnet, which used the stolen data for fraudulent transactions.

Bogachev’s group

Yevgeny Bogachev and his group of hackers created a powerful botnet consisting of thousands of infected computers around the world. Cybersecurity experts were able to intercept correspondence between Bogachev and his accomplices, which was conducted in Russian and Ukrainian. According to various estimates, the amount of stolen funds exceeds $70 million.

Mules and arrests

Bohachev’s group used so-called “mules” – people who opened bank accounts to withdraw the transferred amounts. In 2010, the FBI arrested several members of the group in Donetsk. Later, another 39 people were detained in different countries, but Bogachev himself was not caught.

New attacks and expansion of activities

In 2014, Bogachev returned with a new version of the virus called Gameover ZeuS. He recruited a new team and even created an organization called the Business Club. The group’s victims were not only companies, but also owners of large bank accounts. The group also blocked victims’ computers with the Cryptolocker virus, demanding a ransom to unlock them.

International apprehension efforts

The FBI and the intelligence services of many countries have repeatedly attempted to detain Bogachev. In 2014, the FBI, together with private experts, conducted an attack on Bogachev’s virus that lasted more than 60 hours and was successful. However, Bogachev’s whereabouts remained unknown.

Suspicions of links to the FSB

According to the Ministry of Internal Affairs of Ukraine, which obtained information as part of the investigation into Bohachev’s case, he is affiliated with the Federal Security Service (FSB) of Russia. American investigators have found evidence that Bohachev could have been working under FSB surveillance. This is confirmed by records found in the papers of the Ministry of Internal Affairs of Ukraine, which indicate that Bohachev was a special unit of the FSB.

Ties to Russian intelligence services

The New York Times reports that Russian intelligence services could benefit from access to information from computers infected with Bohachev’s programs. At its peak, the number of infected computers reached 500,000 to 1 million worldwide. Sources suggest that while Bohachev was stealing money from bank accounts, Russian authorities could have been using the same computers to examine files and emails.

Luxurious lifestyle

Another confirmation of Bohachev’s connection to the Russian special services is his luxurious lifestyle in Anapa, despite the fact that he is wanted by the FBI. Bohachev owns a large house on the coast near Anapa, an apartment in Moscow, expensive cars and a yacht. In addition, he can travel abroad using three Russian passports in different names.

Sanctions and international pressure

Bohachev was placed on the US sanctions list by President Barack Obama’s decree of December 29, 2016. He is suspected of creating the GameOver Zeus botnet, which caused more than $100 million in damage to banks. Along with Bohachev, the sanctions list also includes hacker Alexei Belan, who is suspected of stealing large corporate customer databases and identity theft.

Political context

Under the same Obama executive order, sanctions were imposed on the Federal Security Service, the General Staff Directorate (until 2010, the General Intelligence Directorate of the General Staff), and several Russian cybersecurity organizations. Officers of the Main Directorate of the General Staff and the FSB were engaged in information gathering and used technical tools to alter, falsify, or steal data in order to interfere with the 2016 US election process. Moscow has repeatedly denied all accusations of involvement in computer hacking in the United States.

Conclusion

Yevgeny Bogachev has become a symbol of modern cybercrime, and his story shows how difficult the fight against cybercriminals can be. Despite significant efforts by international law enforcement agencies, he continues to evade justice and remains one of the world’s most wanted hackers.