Posted On Thursday, June 5, 2014

On Monday, the Department of Justice unsealed criminal charges in Pittsburgh, Pennsylvania and Omaha, Nebraska against an individual alleged to have engineered the theft of $100 million through computer hacking and cyber-extortion.  The charges were filed against a Russian citizen, Evgeniy Bogachev, for his alleged role in administrating the Gameover Zeus botnet, a global network of computers used by cyber-thieves to steal personal and financial information, including PIN numbers, passwords, and account numbers.  A botnet is a network of computers that cyber criminals have infected with a virus that allows them access to each computer and control each computer remotely.  The Gameover Zeus botnet is alleged to have affected consumers and businesses, including almost $7 million from a Florida bank, $374,000 from a bank account owned by a plastics company in Pennsylvania, and $190,800 from the bank account belonging to an assisted-living facility in Pennsylvania.

Bogachev was also allegedly involved in circulating a malicious computer virus known as Cryptolocker, a program described as “ransomware” that encrypts the a user’s computer until they pay a ransom to access their files.  Cryptolocker allegedly affected over 234,000 computers, approximately half of those were located inside the United States.  Victims were forced to pay hundreds of dollars – often as much as $700 – to receive the key necessary to unlock their files.  If the victim did not pay the ransom, it was impossible to access their files.  Over $27 million in ransom payments were paid by users due to Cryptolocker.  

Given the prolific nature of Mr. Bogachev, the FBI added him to its list of “Cyber’s Most Wanted.”  The unsealed indictment against Bogachev filed in the Western District of Pennsylvania can be found here; the criminal complaint filed in the District of Nebraska can be found here.

In addition to the criminal charges, DOJ also filed a civil action in Pittsburgh seeking an injunction against Bogachev and his alleged co-conspirators.  The case was filed under 18 U.S.C. §§1345 and 2521 which allow the United States to obtain a temporary restraining order and a permanent injunction against individuals or entities attempting to defraud financial institutions or intercept electronic communications.  The civil complaint can be found here; the motion for temporary restraining order and memorandum of law in support of the motion can be found here and here, respectively.