Russian spying built on hacker’s network
To the FBI, Evgeniy Bogachev is the most wanted cybercriminal in the world. The bureau has announced a $3 million bounty for his capture, the most ever for computer crimes, and has been trying to track his movements in hopes of grabbing him if he strays outside his home turf in Russia.
He has been indicted in the U.S., accused of creating a sprawling network of virus-infected computers to siphon hundreds of millions of dollars from bank accounts around the world, targeting anyone with enough money worth stealing — from a pest control company in North Carolina to a police department in Massachusetts to a Native American tribe in Washington.
In December, the Obama administration announced sanctions against Bogachev and five others in response to intelligence agencies’ conclusions that Russia had meddled in the presidential election. Publicly, law enforcement officials said it was his criminal exploits that landed Bogachev on the sanctions list, not any specific role in the hacking of the Democratic National Committee.
But it is clear that for Russia, he is more than just a criminal. At one point, Bogachev had control over as many as 1 million computers in multiple countries, with possible access to everything from family vacation photographs and term papers to business proposals and highly confidential personal information. It is almost certain that computers belonging to government officials and contractors in several countries were among the infected devices. For Russia’s surveillance-obsessed intelligence community, Bogachev’s exploits may have created an irresistible opportunity for espionage.
While Bogachev was draining bank accounts, it appears that Russian authorities were looking over his shoulder, searching the same computers for files and emails. In effect, they were grafting an intelligence operation onto a far-reaching cybercriminal scheme, sparing themselves the hard work of hacking into the computers on their own, officials said.
His involvement with Russian intelligence may help explain why Bogachev, 33, is hardly a man on the run. FBI officials say he lives openly in Anapa, a rundown resort town on the Black Sea in southern Russia. He has a large apartment near the shore and possibly another in Moscow, officials say, as well as a collection of luxury cars, though he seems to favor driving his Jeep Grand Cherokee. U.S. investigators say he enjoys sailing and owns a yacht.
Running the criminal scheme was hard work. Bogachev often complained of being exhausted and “of having too little time for his family,” said Alexander Panin, a Russian hacker, now in a federal prison in Kentucky for bank fraud, who used to communicate with Bogachev online. “He mentioned a wife and two kids as far as I remember,” Panin wrote in an email.
Beyond that, little is known about Bogachev. Even close business associates never met him in person or knew his real name. “He was very, very paranoid,” said Keith Mularski, an FBI supervisor in Pittsburgh whose investigation of Bogachev led to an indictment in 2014. “He didn’t trust anybody.”
Russia does not have an extradition treaty with the United States, and Russian officials say that so long as Bogachev has not committed a crime on Russian territory, there are no grounds to arrest him.
That Bogachev remains at large “is the most powerful argument” that he is an asset of the Russian government, said Austin Berglas, who was an assistant special agent in charge of cyberinvestigations out of the FBI’s New York field office until 2015.