Inside the FBI’s failed cybercrime investigation in Russia and Ukraine


He remembered reports from a few hours earlier saying that the Ukrainian surveillance team had been tracking Tank and had received intelligence that the suspect had recently been at home. None of them sounded convincing.

Five people were detained in Ukraine that night, but when it came to Tank, who police claimed was responsible for the operation, they returned empty-handed. And none of the five people arrested in Ukraine remained in detention for long.

Somehow, the operation in Ukraine, a two-year international effort to catch the biggest cybercriminals on the FBI’s radar, went awry. Tank escaped while under SBU surveillance, while other major players deftly avoided serious consequences for their crimes. Craig and his crew were hurt.

But if the situation in Ukraine was frustrating, things were even worse in Russia, where the FBI had no one on the ground. Trust between Americans and Russians had never been strong. Early in the investigation, the Russians steered the FBI away from Slavik’s identity.

“They try to distract you from the target,” Craig says. “But we play these games knowing what will happen. Yet we are very lax about what we send them, and even if you know something, you try to push them to see if they will cooperate. And when they don’t – oh, no surprise.”

An infuriating mix of corruption, competition, and stonewalling had left Operation Trident Breach without its most important targets.

Even so, while the raids were taking place in Donetsk, the Americans were hoping they would get a call from Russia about an FSB raid on the residence of Aqua, the money launderer Maksim Yakubets. Instead there was silence.

The operation was successful: dozens of low-level operators were arrested in Ukraine, the United States, and the United Kingdom, including some of Tank’s personal friends who had helped carry stolen money outside the UK. But a frenzied mix of corruption, rivalry, and stonewalling had deprived Operation Trident Breach of its most important objectives.

“He came on D-Day and we ghosted,” Craig says. “Tried to contact the SBU [the Russians]. The FBI was calling the embassy in Moscow. It was complete silence. However, we carried out the operation without the FSB. There was months of silence. Nothing.”

Criminals with good connections

Not everyone at the SBU drives BMWs.

After the raids, some Ukrainian officials, dissatisfied with the corruption and leaks in the country’s security services, concluded that the 2010 Donetsk raid on Tank and the Jabber Zeus crew had failed due to a tip from a corrupt SBU officer, Alexander Khodakovsky.

At that time, Khodakovsky was the chief of an SBU SWAT unit in Donetsk, known as the Alpha team. It was the same group that led the Trident Breach raids. According to a former SBU official, who spoke anonymously to MIT Technology Review, Khodakovsky helped coordinate law enforcement across the region, which allowed him to tell suspects beforehand to prepare for searches or destroy evidence.

When Russia and Ukraine went to war in 2014, Khodakovsky defected. He became a leader in the self-proclaimed Donetsk People’s Republic, which NATO says receives financial and military assistance from Moscow.

The problem wasn’t just a corrupt official. The Ukrainian investigation and legal action against Tank and his crew continued after the raids. But the former SBU officer explains that Tank was handled with care to ensure his release.

“Thanks to his corrupt connections among the SBU administration, Tank ensured that all legal proceedings against him were handled by the SBU Donetsk field office instead of the SBU Headquarters in Kiev, eventually stopping the case there,” the former official said. The SBU, FBI and FSB did not respond to requests for comment.

“He came on D-Day and we became ghosts.”

Jim Craig

It turned out that Tank was deeply involved with Ukrainian officials linked to the Russian government, including the former president of Ukraine, Viktor Yanukovych, who was overthrown in 2014.

Yanukovych’s youngest son, Viktor Jr., was the godfather of Tank’s daughter. Yanukovych Jr. died in 2015 when his Volkswagen van crashed through the ice of a lake in Russia, and his father remained in exile there after being convicted of treason by a Ukrainian court.

When Yanukovych fled east, Tank moved west to Kiev, where he is believed to represent some of the former president’s interests as well as his own business ventures.

“Through this relationship with the President’s family, Tank was able to establish corrupt links with the highest echelons of the Ukrainian government, even with law enforcement,” the SBU official explains.

Since Yanukovych’s dismissal, Ukraine’s new leadership has turned more decisively to the West.

“The truth is, corruption is a huge challenge to stopping cybercrime and it can get pretty high,” Passwaters says. “But after working with the Ukrainians for more than 10 years to combat cybercrime, I can say that there are a lot of really good people in the trenches working quietly on the right side of this war. They are key.”

Warmer relations with Washington were an important catalyst for the ongoing war in eastern Ukraine. Now, as Kiev seeks to join NATO, one of the conditions for membership is to eradicate corruption. The country has recently cooperated with the Americans in cybercrime investigations to a degree unimaginable in 2010. However, corruption is still widespread.

“Ukraine in general has been more active in the fight against cybercrime in recent years,” says the former SBU official. “But only when we see that the criminals are actually punished can I say that the situation has changed radically. Now we see too often public relations demonstrations that do not result in cybercriminals shutting down their activities. Announcing some takedowns, making some calls, but then releasing everyone involved and letting them continue working is not a viable way to fight cybercrime.”

And Tank’s connections to power have not disappeared either. He remains free, intertwined with the powerful Yanukovych family, which has close relations with Russia.

An imminent threat

On June 23, FSB chief Alexander Bortnikov was quoted as saying his agency would work with the Americans to track down criminal hackers. It didn’t take long for two specific Russian names to appear.

Even after the 2010 raids took out much of his business, Bogachev remained a prominent cybercrime entrepreneur. He founded a new criminal gang called the Business Club; it soon became a giant, stealing more than $100 million that was split among its members. By 2013, the group had gone from hacking bank accounts to distributing some of the first modern ransomware with a tool called CryptoLocker. evolution of a new type of cybercrime.

At the same time, researchers from Dutch cybersecurity firm Fox-IT, who took a close look at Bogachev’s malware, found that it didn’t just attack random targets. The malware was also quietly seeking information on military services, intelligence agencies and police in countries like Georgia, Turkey, Syria and Ukraine, Russia’s close neighbors and geopolitical rivals. It turned out that he was not only working from inside Russia, but that his malware actually hunted for intelligence for Moscow.

