Meet Bogachev, the US most wanted hacker, he loves fancy cars and leopard-skin pajamas, FBI places $3m bounty on him
To the F.B.I., Evgeniy M. Bogachev is the most wanted cybercriminal in the world. The bureau has announced a $3 million bounty for his capture, the most ever for computer crimes, and has been attempting to track his movements in hopes of grabbing him if he strays outside his home turf in Russia.
The New York Times reports that he has been indicted in the United States, accused of creating a sprawling network of virus-infected computers to siphon hundreds of millions of dollars from bank accounts around the world, targeting anyone with enough money worth stealing — from a pest control company in North Carolina to a police department in Massachusetts to a Native American tribe in Washington.
In December, the Obama administration announced sanctions against Mr. Bogachev and five others in response to intelligence agencies’ conclusions that Russia had meddled in the presidential election. Publicly, law enforcement officials said it was his criminal exploits that landed Mr. Bogachev on the sanctions list, not any specific role in the hacking of the Democratic National Committee.
But it is clear that for Russia, he is more than just a criminal. At one point, Mr. Bogachev had control over as many as a million computers in multiple countries, with possible access to everything from family vacation photographs and term papers to business proposals and highly confidential personal information. It is almost certain that computers belonging to government officials and contractors in a number of countries were among the infected devices. For Russia’s surveillance-obsessed intelligence community, Mr. Bogachev’s exploits may have created an irresistible opportunity for espionage.
Was It a 400-Pound, 14-Year-Old Hacker, or Russia? Here’s Some of the Evidence JAN. 6, 2017While Mr. Bogachev was draining bank accounts, it appears that the Russian authorities were looking over his shoulder, searching the same computers for files and emails. In effect, they were grafting an intelligence operation onto a far-reaching cybercriminal scheme, sparing themselves the hard work of hacking into the computers themselves, officials said.
The Russians were particularly interested, it seems, in information from military and intelligence services regarding fighting in eastern Ukraine and the war in Syria, according to law enforcement officials and the cybersecurity firm Fox-IT. But there also appear to have been attempts to gain access to sensitive military and intelligence information on infected computers in the United States, often consisting of searching for documents containing the words “top secret” or “Department of Defense.”
The Russian government has plenty of its own cyberspace tools for gathering intelligence. But the piggybacking on Mr. Bogachev’s activities offers some clues to the breadth and creativity of Russia’s espionage efforts at a time when the United States and Europe are scrambling to counter increasingly sophisticated attacks capable of destroying critical infrastructure, disrupting bank operations, stealing government secrets and undermining democratic elections.
This relationship is illustrated by the improbable mix of characters targeted with the sanctions announced by the Obama administration. Four were senior officers with Russia’s powerful military intelligence agency, the G.R.U. Two were suspected cyberthieves on the F.B.I.’s most wanted list: an ethnic Russian from Latvia named Alexsey Belan with a red-tinted Justin Bieber haircut, and Mr. Bogachev, whose F.B.I. file includes a photograph of him holding his spotted Bengal cat while wearing a matching set of leopard-print pajamas.
His involvement with Russian intelligence may help explain why Mr. Bogachev, 33, is hardly a man on the run. F.B.I. officials say he lives openly in Anapa, a run-down resort town on the Black Sea in southern Russia. He has a large apartment near the shore and possibly another in Moscow, officials say, as well as a collection of luxury cars, though he seems to favor driving his Jeep Grand Cherokee. American investigators say he enjoys sailing and owns a yacht.
Running the criminal scheme was hard work. Mr. Bogachev often complained of being exhausted and “of having too little time for his family,” said Aleksandr Panin, a Russian hacker, now in a federal prison in Kentucky for bank fraud, who used to communicate with Mr. Bogachev online. “He mentioned a wife and two kids as far as I remember,” Mr. Panin wrote in an email.
Beyond that, little is known about Mr. Bogachev, who preferred to operate anonymously behind various screen names: slavik, lucky12345, pollingsoon. Even close business associates never met him in person or knew his real name. “He was very, very paranoid,” said J. Keith Mularski, an F.B.I. supervisor in Pittsburgh whose investigation of Mr. Bogachev led to an indictment in 2014. “He didn’t trust anybody.”
Russia does not have an extradition treaty with the United States, and Russian officials say that so long as Mr. Bogachev has not committed a crime on Russian territory, there are no grounds to arrest him.
Attempts to reach Mr. Bogachev for this article were unsuccessful. In response to questions, his lawyer in Anapa, Aleksei Stotskii, said, “The fact that he is wanted by the F.B.I. prevents me morally from saying anything.”
A line in Mr. Bogachev’s file with the Ukrainian Interior Ministry, which has helped the F.B.I. track his movements, describes him as “working under the supervision of a special unit of the F.S.B.,” referring to the Federal Security Service, Russia’s main intelligence agency. The F.S.B. did not respond to request for comment.