US and British officials announced the charges today. They allege that Yakubets, who went by "aqua" online, conducted two international computer hacking and bank fraud schemes over the course of a decade.
"Maksim Yakubets allegedly has engaged in a decade-long cybercrime spree that deployed two of the most damaging pieces of financial malware ever used and resulted in tens of millions of dollars of losses to victims worldwide," said Assistant Attorney General Brian A. Benczkowski.
Yakubets is charged with conspiracy to commit bank fraud using the "Zeus" malware, which he and co-conspirators used to steal millions of dollars from 21 municipalities, banks, companies and nonprofits across the US. According to The Washington Post, targeted companies included a dairy company in Ohio, a luggage store in New Mexico and an order of religious sisters.
Officials also indicted Igor Turashev, from Yoshakr-Ola, Russia, for his alleged role in spreading the "Bugat" malware. The 10-count indictment alleges that Yakubets and Turashev used the "Bugat" malware to make unauthorized transfers from victims' bank accounts. They reportedly hit two banks, a school district and four companies, ranging from a petroleum business to a metal manufacturer. Those attacks resulted in the theft of millions of dollars.
"For over a decade, Maksim Yakubets and Igor Turashev led one of the most sophisticated transnational cybercrime syndicates in the world," said U.S. Attorney Scott W. Brady. "Deploying 'Bugat' malware, also known as 'Cridex' and 'Dridex,' these cybercriminals targeted individuals and companies in western Pennsylvania and across the globe in one of the most widespread malware campaigns we have ever encountered."