Russian hackers hit ABQ company
FBI: Lieber’s Luggage taken for $57K in 2009 cybercrime scheme
Leslee Richards, owner of Lieber’s Luggage in Albuquerque, learned this week that her company and the Bank of Albuquerque had been targeted nearly a decade ago in what authorities allege was an international, multimillion dollar cybercrime conspiracy involving one of the most wanted cybercriminals in the world.
Named as a defendant in the case is Evgeniy Mikhaylovich Bogachev of Russia, who went by the online nickname “lucky12345,” and is still wanted by the FBI. Also mentioned are several alleged co-conspirators from Russia, Ukraine and the United Kingdom.
Richards recalls being contacted in 2009 by a representative from Bank of Albuquerque who told her that the Lieber’s account had been compromised. She said the bank told her it would compensate her for the amount that they had been unable to recover, about $9,000.
But Richards said it wasn’t until a Journal reporter sent her an affidavit from an FBI agent this week that she realized that what happened to Lieber’s may have been part of something
larger.
“When I read it, I thought, ‘Holy cow,’” said Richards.
According to the affidavit, part of a 2014 criminal complaint filed in federal court in Nebraska, the FBI believes hackers remotely installed malicious software on a computer at Lieber’s on Sept. 18, 2009.
Information stolen from that computer by the software was then used to transfer funds from Lieber’s account with Bank of Albuquerque to accounts owned by the hackers, according to the FBI.
The affidavit states that Lieber’s was one of thousands of businesses around the country targeted at that time by the same group of individuals; there is no mention of any other New Mexicobased business.
A spokesman for Bank of Albuquerque’s parent organization, BOK Financial, said the total amount stolen from Lieber’s had been about $57,000, though all but the $9,000 was eventually recovered. He said no other customers had been affected, and that the FBI did not tell the bank at the time that the issue was part of a broader investigation.
The FBI did not respond to a request for an interview about the case.
The court filings describe the events as part of a “long-running conspiracy to employ widespread computer intrusions, malicious software, and fraud to steal millions of dollars from numerous bank accounts in the United States and elsewhere.”
Bank of Albuquerque is one of 12 U.S. financial institutions named as “selected victims” in the affidavit, which does not describe any underlying relationship between the institutions other than that they all used third-party systems to conduct certain types of transactions.
According to an FBI poster, Bogachev remains at large and is wanted for his alleged involvement with malicious software known as “Zeus”— the software used to target Lieber’s, as per to court documents — and “GameOver Zeus.” The latter is believed to be responsible for more than one million computer infections and financial losses of more than $100 million, according to the FBI, which is offering a reward of up to $3 million for information leading to Bogachev’s arrest.
In December 2016, President Barack Obama authorized sanctions against Russia for interference in the presidential election that year. Included in the order was a designation by the U.S. Treasury Department against Bogachev for criminal cyber-activities, though the order made no connection between Bogachev and election interference.
The BOK Financial spokesman said much has changed at the Bank of Albuquerque and its other banking divisions since 2009. The company now requires that clients who initiate wires and other types of transactions use software that monitors malicious software. The organization has also added internal software that highlights suspicious transactions in a customer’s history, which are then flagged and investigated.
As for Richards, she said she has no information about what it was about Lieber’s of Albuquerque that could have made it a ripe target for an alleged international conspiracy.
“Why they came to us, I have no idea,” said Richards.