Here They Are. The Top 5 Most Wanted Cyber Criminals in the World

You want to make some quick money? The FBI would be happy to give it to you if you know where any of these 5 criminals are. They certainly all deserve to be caught and prosecuted since they’ve made life miserable for plenty of people with their cyber antics. So here they are, from the bad to the worst.

Peteris Sahurovs (a.k.a. “PIOTREK,” PIOTREK89″ and “SAGADE”)

 peteris

$50,000 Reward

 I know what you’re thinking. Didn’t I go to school with this guy? Well, maybe, if you went to school in Latvia. It’s now suspected that he’s still there or possibly in Kiev. Unfortunately, he’s wanted in Minnesota.

 Crime

 Back in 2010, our friend Peteris approached an online newspaper claiming that he was an advertiser representing a hotel. He wanted to have some ads put on the paper’s website. He seemed legitimate so the newspaper agreed to let him run his ads. At first, the ads were real, or at least appeared to be so. One day, however, Peteris added some malware code to the advertisement so that anyone who visited the page got compromised. (see my post on malvertising). Basically, these victims had ransomeware installed on their computers. If they wanted to regain control of their computers, they would have to pay the plucky Peteris $49.95. If they didn’t pay up, then they’d just better buy a new computer and forget about anything they had on their old one. Now, you may think this is a rather modest hack, as far as hacks go. However, Peteris managed to extort over $2 million from his victims.

You’re unlikely to find Peteris strolling down the streets of an American city, but if you live in Latvia or Kiev and you see someone looking like the guy in the photo, head to the nearest U.S. consulate. Who knows, you may pick up some extra spending money.

Viet Quoc Nguyen (a.k.a. Peter Nguyen, Peter Norman, Viet Q. Nguyen, Vandehiu)

 nguyen

No reward is listed for this guy. I’m not sure exactly why, but that takes away a lot of the incentive for looking for him, unless you want to win the ‘Pat on the Back’ award from the FBI. Of course, this might look good on your resume under ‘Other Accomplishments’ (“2015 – Helped apprehend an international cyber criminal for the FBI”).

 Crime

 Apparently, working with a person named Giang Hoang Vu, among others, Viet broke into the servers of email service providers in Georgia, USA, and stole billions of email addresses along with other data. He was expecting to receive money from marketers/spammers who could use this information. Basically, he was able to use malware to break into the accounts of some employees of these email providers and then develop spam campaigns to suit his needs. The idea worked well, but, from all I can see in the original indictment, Viet only managed to make about $5,000 from it. However, Brian Krebs says that the spam marketer working with Nguyen and Vu, Canadian citizen, David-Manuel Santos Da Silva, may have made over $2 million through his marketing firm, Marketbay.com. Dutch authorities arrested Viet’s criminal partner, Vu, in 2012. He has since been extradited to the US and is awaiting trial.

Although Nguyen attacked servers in northern Georgia, he did so probably with the help of Vu, from the Netherlands. Nguyen may be living there, but investigators think he is most likely in his home country of Vietnam. He might be somewhat easy to identify since at 6 ft. (183 cm.) and about 200 lbs. (90 kg.), he is bigger than most Vietnamese. Again, anyone there who thinks they know or see him can contact the local consulate and pick up your ‘Pat on the Back’ award.

Alexsey Belan (a.k.a Aleksei Belan, Aleksey Belan, Aleksey Alexseyevich Belan, Aleksey Alekseyevich Belan, Alexsei Belan, Abyr Valgov, “Abyrvaig”, “Fedyunya”, “Magg”, “M4G”, “Moy.Yawik”)

 Alexey1Alexey2

$100,000 Reward

 With all those aliases, you can probably assume this guy spends most of his time online. When he’s not, he apparently likes to experiment with changing his appearance. Sometimes with glasses and sometimes with different hair colors. Like criminal #5, Peteris Sahurovs, he was born in Latvia but carries a Russian passport. It looks like there must not be much going on during those long winters in Lativia.

 Crime

 According to the FBI, Belan broke into the sites of two online companies and stole user data. On the surface, this doesn’t sound like much; however, another site claimed that these two sites in Nevada and California were affiliated with Obamacare. Once Belan had broken into these sites, he used them as a platform to infiltrate the main Obamacare site and steal millions of accounts with a lot of personal information. The report alleges that he “still has in his possession, the private information of every single American who has, to date, registered their private data into what has been described as the Obamacare Healthcare Website System”. He then negotiated the sale of this information on the deep web. The fact that he may have compromised Obamacare makes him especially dangerous to the government, which explains the $100,000 reward.

Belan clearly made some money on the sale of this database because he has lived in a number of places around the world including Thailand and the Maldive Islands. He was last known to be in Athens, Greece.

Niculae Popescu (a.k.a. Nicolae Petrache, Nae Popescu, “Nae”, “Stoichitoiu”)

 niculae

$ 1 Million Reward

If this guy used half the energy he used in his criminal activities to set up a legitimate business, he’d probably be a big success. Instead, our friend Niculae decided to scam people by advertising false goods on internet auction sites like eBay, Cars.com, and AutoTrader.com. Niculae and his accomplices set up fake, but legitimate looking, websites linked to these auction sites so that when a buyer, looking for expensive cars and boats, checked them out, they appeared to be the real thing. Again, as in many scams, greed triumphed over reason. Once lured into a potential sale, the victims communicated, by email, with Niculae’s sidekicks who sent the potential buyers forged documents which seemed to indicate that the sale was the real thing. If the buyer was convinced the sale was legit, Niculae’s associates would send bogus invoices appearing to come from PayPal or Amazon with instructions to send the money to the group’s US bank accounts.

These bank accounts had previously been set up by accomplices in the US using forged passports and were, thus, legitimate. As soon as the money was wired into these accounts, it would be withdrawn and sent onto other accounts.

In 2013, an internationally coordinated attack on the gang brought it down. They did not, however, catch Niculae and some of his main colleagues. Oddly enough, he had been in the custody of Romanian authorities in 2010 but, because of a legal glitch, was literally allowed to walk out of court and into obscurity. In a recorded conversation between Nicolae and one of his co-conspirators, he said “criminals will not be extradited from Romania to U.S.A. . . . [I]t will never happen.” Such an attitude is probably one reason the FBI wants this guy so badly. In any event, he feels pretty safe in Romania and is probably there now. Anybody in Romania looking to make a little spending money?

 Evgeniy Mikhailovich Bogachev (a.k.a Yevgeniy Bogachev, Evgeniy Mikhaylovich Bogachev, “lucky12345”, “slavik”, “Pollingsoon”)

 bogachev

 $3 Million Reward

 I’ve reported on this miscreant before. This is the guy who developed ZeuS malware for stealing bank accounts. It’s been pretty successful. He’s managed to steal hundreds of millions of dollars from the bank accounts of small and medium-sized businesses in the US and Europe. In Russia, he’s considered as something of a hero for undermining Western business interests. He does steal some money himself, but he also creates custom malware for others to help them exploit the savings of hard working Americans and Europeans. This may help explain the incredible increase in attacks on the financial sector this year. According to his arch enemy, Brian Krebs, he is still actively involved on deep web sites selling his exploits.

Bogachev was last known to reside in the Black Sea town of Anapa, Russia. He likes boating in the yacht paid for with his stolen money. It has been said that many locals know about him but would never consider turning him in. However, the FBI hopes that the $3 million reward may make them reconsider. It is unlikely that he will ever leave Russia, so it is hard to imagine that, even if identified, he would ever be extradited to the US. But stranger things have happened. Maybe he will make the mistake of taking a vacation away from the motherland or maybe the Russian government could make some deal with US authorities to arrest and extradite him. So, at least for now, the reward may be nothing more than a tool to use to gather information on his whereabouts.

Although I have not mentioned them, the Chinese hacker Gang of Five is also on the list. Since they have been said to work with the Chinese government, they will never be extradited and will continue to be a thorn in the side of the US. The sad truth is that it is unlikely that any of these criminals will be apprehended unless the US puts pressure on the governments of the countries they reside in. Putting these criminals on the most wanted list only lets them know they’ve been identified and maybe makes them a bit more paranoid. But I suppose that’s better than nothing.

 

 

About Steve Mierzejewski

Marketing consultant for InZero Systems, developer of the next generation in hardware-separated security, WorkPlay Technology. I've worked in Poland, Japan, Korea, China, and Afghanistan. I'm a writer, technical editor, and an educator. I also do some work as a test developer for Michigan State University.
This entry was posted in Uncategorized and tagged , , . Bookmark the permalink.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s