Russian Hackers Indicted in Pittsburgh

Two Russian nationals, Maksim Yakubets and Igor Turashev, were indicted in Pittsburgh on December 5th for involvement in international multimillion-dollar malware attacks. Estimates of the amount netted from their attacks range up to $100 million, while the attacks themselves would have cost victims millions more in business downtime and recovery. Several of the victims the pair are accused of attacking are located in Pennsylvania, including a bank and a school district. A $5 million bounty has been offered for help in detaining the pair, although it seems unlikely that they will ever face trial, as they are currently assumed to be residing in Russia.

Yakubets has ties to the Russian Federal Security Service and is thought to be one of the leaders of a hacking group dubbed “Evil Corp.” Evil Corp is known to deploy a piece of malware called Dridex, which commonly infects victims via a phishing email and can steal their banking credentials. Stolen information is then leveraged to initiate wire transfers to foreign bank accounts. Later iterations of the Dridex malware added the capability to load and deploy ransomware, such as BitPaymer, on victim networks.


Schneider Downs has assisted in the containment and recovery efforts of organizations that have fallen victim to various forms of malware, including the Dridex variant used to deploy ransomware. The vast majority of infections we see initially gain access with a phishing email and escalate from there due to a lack of defensive controls within the network. Many of these types of infections can be easily prevented through careful planning and execution of a defensive cyber strategy. For any questions or assistance with preventative or responsive measures, you can contact the Cybersecurity Team at [email protected].

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at [email protected].

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2023 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

