A notorious cybercrime criminal who uses the hacker name ‘Slavik’ and is at the top of the FBI’s most wanted list, is also connected to espionage operations conducted by Russia on the US Government, researchers say.

A cybercrime kingpin at the top of FBI’s ‘Most Wanted’ is connected to Russia’s recent espionage activity targeting the US, security researchers claim in a report published on Forbes.

Evgeniy Bogachev, the Russian programmer and hacker, also widely and notoriously known as Slavik is rumored to be spending his days on a boat out in the black sea, due to a $3 million bounty placed on him by the FBI. The reward is for those with information leading to an arrest or a conviction of Slavik, the creator of a notorious botnet known as Zeus.

Not quite game over for Gameover Zeus

It was summer 2014 when the US Justice Department joined forces with law enforcement agencies and security firms from around the world. The objective was to take down a massive, sophisticated, cybercrime operation through a botnet which had already infected up to a million computers. Named ‘Gameover Zeus’, the wide network of infected machines were connected over a peer-to-peer network organized by Bogachev and his cybercrime gang.

As the author of the malware, Bogachev’s illicit operations accounted to more than $100 million in theft from global banking institutions. The advanced malware was predominantly used to steal bank logins before siphoning money away from banking accounts. Hackers also wielded the malware in countless spam campaigns, phishing attacks, online extortions and other money making schemes.

The widely-known Cryptolocker ransomware, notorious for claiming up to $27 million in ransom payments after infecting and claiming control of nearly 250,000 PCs was also devised by hackers who made use of the Gameover Zeus malware.

Links to espionage

After Gameover Zeus and Cryptolocker were shut down in June last year, a comprehensive analysis of assets and information seized revealed that Slavik and/or his clients was digging for classified information about foreign governments. Specifically, cataloged search commands showed that inroads were made into seeking information and files related to intelligence agencies in the Ukraine, Georgia and Turkey.

The findings were also made in a detailed report published by Fox-IT, a Dutch security firm that gained access to a server used by one of the cybercrime gang’s members. As reported by Krebs on Security, the server was primarily used to launch cyber-attacks. Significantly, gaining access to the server also helped understand the inner workings of the secretive, elite cybercrime gang by revealing hidden chat logs.

Michael Sandee, the principal security expert at Fox-IT believes that the classified information being looked into is certain to be of prime interest to the current Putin regime.

Sandee worked with the FBI on the investigation following the dismantling of Gameover Zeus and the shutting down of Cryptolocker.