
The FBI's most wanted cybercriminals

  • Dridex mastermind

    In December 2019, the US charged the mastermind behind the infamous Dridex malware, a Russian national named Maksim Victorovich Yakubets. He is the FBI's most wanted cybercriminal, with US authorities willing to pay up to $5 million for any information that may lead to his arrest.

    Igor Turashev, one of the Dridex botnet administrators, was also charged, but for a minor role in the scheme.

    Published: May 29, 2019 -- 15:16 GMT (08:16 PDT)

    Photo by: Image: FBI

    Caption by: Catalin Cimpanu

  • GameOver Zeus botnet mastermind

    Evgeniy Mikhaylovich Bogachev, known as "Slavik," is a malware author who created and operated the GameOver Zeus banking trojan and its associated botnet.

    After he was charged in 2014 for the theft of over $100 million from GameOver Zeus victims, Bogachev is believed to have become a close collaborator of Russian intelligence agencies. The FBI is willing to pay up to $3 million for any information that may lead to his arrest.

  • Sandworm

    In October 2020, the DOJ charged six Russian nationals it believed were part of Sandworm, a group of military hackers who carried out destructive cyber-attacks on behalf of the Russian government.

    The US said the hackers were responsible for developing and launching the NotPetya ransomware outbreak, the OlympicDestroyer destructive malware against the PyeongChang 2018 Winter Olympics hosts, the Macron Leaks attacks against the French government election in 2017, and the BlackEnergy and KillDisk attacks against Ukraine's power grid in 2015 and 2016.

  • DNC hackers

    On July 13, 2018, US authorities finally charged a group of Russian hackers for the infamous DNC hacks of 2015 and 2016, an incident during which two Russian cyber-espionage units breached and stole data from the servers of the Democratic National Committee. This information was later released online as part of a political influence campaign to support Donald Trump's candidacy for the US Presidency.

    Twelve Russian military officers were charged. They are believed to be part of either the APT28 (Fancy Bear) or APT29 (Cozy Bear) cyber-espionage groups.

  • Yahoo hackers

    Back in March 2017, the US Department of Justice charged four hackers with breaching Yahoo in 2014 and stealing data on 500 million users.

    One, named Karim Baratov, was arrested in Canada, and extradited to the US, where he eventually received a sentence of five years in prison.

    The other three, including two FSB intelligence officers, are still at large and are believed to reside in Russia. Their names are Alexsey Belan, Dmitriy Aleksandrovich Dokuchayev, and Igor Suchin.

  • IRGC hackers

    In February 2019, the US charged four Iranian nationals for conspiring with a former US Air Force intelligence agent who defected to Iran in 2013. The group used intelligence provided by the US Air Force agent to launch phishing attacks over email and social media.

    One of the four hackers, Behzad Mesri, had been previously charged in November 2017 with hacking HBO and leaking unreleased episodes and scripts for HBO TV series, including from HBO's primetime show Game of Thrones.

  • Anthem hackers

    Another highly sought-after hacker is Fujie Wang, the only member identified by his real name from a larger group of hackers that participated in the Anthem hack of 2014.

    Believed to be a member of a Chinese cyber-espionage unit, Wang is still at large in China. He was formally charged earlier this month.

  • APT41

    In September 2020, the US Department of Justice charged five hackers believed to be part of APT41, one of China's most active state-sponsored hacking crews.

    According to the charges, the group breached more than 100 companies across the world, along with two government networks. Their attacks focused on intelligence gathering, but the group also engaged in financially motivated attacks during their personal time: attacking video game companies and stealing in-game currency, carrying out ransomware attacks, and running crypto-mining botnets.

  • Syrian Electronic Army hackers

    In March 2016, the US charged three members of the Syrian Electronic Army hacker outfit. One was arrested and extradited to the US, but two are still at large, namely Ahmad Al Agha and Firas Dardar.

  • Lazarus Group member

    In September 2018, US authorities charged Park Jin Hyok, a 34-year-old North Korean, with a litany of charges based on his membership in the Lazarus Group, a North Korean government-backed hacking unit.

    He stands accused of participating in the WannaCry ransomware outbreak, the 2016 Bangladesh Central Bank cyber-heist, attempts at hacking US defense contractor Lockheed Martin in 2016, the 2014 Sony Pictures hack, breaches at US movie theatre chains AMC Theatres and Mammoth Screen in 2014, and a long string of attacks and successful hacks against cryptocurrency exchanges.

  • Zeus gang

    Charged way back in 2014, this group of hackers operated the Zeus banking trojan. US authorities charged nine hackers, three of whom are still at large.

    Since their indictment, the source code of the Zeus trojan was leaked online and has become the inspiration and codebase for tens of other banking trojan strains.

  • Mabna hackers

    Charged in March 2018, this group of Iranian state-sponsored hackers has been accused of hacking into the networks of 320 universities across the world.

    The group was also known as Cobalt Dickens or Silent Librarian in the reports of various cybersecurity firms, and continued its hacking activities despite US charges.

  • Goznym gang

    Following years of work, US and European authorities announced charges against seven hackers who worked on distributing the Goznym banking trojan. Two were arrested, while five are still on the run, believed to be in Russia.

  • APT10 hackers

    Another group of hackers on the payroll of a foreign government is the duo of Zhu Hua and Zhang Shilong. Believed to be part of a Chinese cyber-espionage group known as APT10, they were charged in December 2018 with hacking more than 45 US companies, US government agencies, and several managed service providers. Victims include IBM, HPE, and Visma.

  • SamSam crew

    Another team of Iranian hackers is the one formed by 34-year-old Faramarz Shahi Savandi and 27-year-old Mohammad Mehdi Shah Mansouri -- collectively known as the operators of the SamSam ransomware.

    Charged in November 2018, they are responsible for one of the most prolific ransomware strains around. They used it for attacks targeted at one organization at a time, a tactic they pioneered back in 2015 and which is now the most prevalent and successful type of ransomware attack, also known as "big game hunting."

  • WADA hackers

    In October 2018, US authorities charged seven Russian nationals believed to be members of the GRU military intelligence agency. US officials said the group engaged in a retaliatory action against several sports organizations after Russian athletes were banned from the Rio 2016 Summer Olympics on allegations of doping.

    The seven, acting under the fake personas of Anonymous and the Fancy Bears hacking groups, breached the World Anti-Doping Agency (WADA), the United States Anti-Doping Agency (USADA), and other victim entities during the 2016 Summer Olympics and Paralympics and afterwards, stealing and then dumping sensitive records online as part of efforts to discredit the world's most famous athletes and anti-doping organizations.

  • Iran DDOS attackers

    In early 2016, the US charged seven Iranian hackers for launching a series of coordinated DDoS attacks against US companies in the banking and financial sector. One of these attacks also hit a New York dam, putting US authorities on alert.

    The DDoS attacks were retaliation from Iranian authorities after the Stuxnet attacks orchestrated by the US and Israel against Iran's nuclear program.

  • Epsilon hacker

    Viet Quoc Nguyen is the last of the three hackers who breached email provider Epsilon in 2011. He was accused of stealing marketing data, including a list of over one billion email addresses. He was also a notorious spammer.

  • ArrowTech hackers

    In July 2017, US authorities charged two Iranian hackers named Mohammed Reza Rezakhah and Mohammed Saeed Ajily for the hack of ArrowTech, a supplier of military technology for the US Army.

    According to the indictment, the two hacked ArrowTech in 2016, from which they stole a software application named Projectile Rocket Ordnance Design and Analysis System (PRODAS), used in the design of bullets, missiles, and other military projectiles.


By Catalin Cimpanu | May 29, 2019 -- 15:16 GMT (08:16 PDT) | Topic: Security

For the past few years, the FBI has been keeping a separate list of the US' most wanted cybercriminals. Time to take a look at who's still on it -- in no particular order.
