Russian Hackers Indicted in Pittsburgh

Two Russian nationals, Maksim Yakubets and Igor Turashev, were indicted in Pittsburgh on December 5th, for involvement in international multimillion-dollar malware attacks. Estimates on the amount netted from their attacks range up to $100 million dollars, while the attacks themselves would have cost victims millions more in business downtime and recovery. Several of the victims that the pair are accused of executing attacks against are located in Pennsylvania, including a bank and a school district. A $5 million dollar bounty has been offered for help in detaining the pair, although it seems unlikely that they would ever face trial as they are currently assumed to be residing in Russia.

Yakubets has ties to the Russian Federal Security Service and is thought to be one of the leaders of a hacking group dubbed “Evil Corp.” Evil Corp is known to deploy a piece of malware called Dridex, which would commonly infect victims via a phishing email and has the potential to steal banking credentials from victims. Stolen information is then leveraged to initiate wire transfers to foreign bank accounts. Later iterations of the Dridex malware implemented the capability to load and deploy ransomware, such as BitPaymer, to victim networks.


Schneider Downs has assisted in the containment and recovery efforts of organizations that have fallen victim to various forms of malware, including the Dridex variant used to deploy ransomware. The vast majority of infections we see initially gain access with a phishing email and escalate from there due to a lack of defensive controls within the network. Many of these types can be easily prevented through some careful planning and execution of a defensive cyber strategy. For any questions or assistance with preventative or responsive measures, you can contact the Cybersecurity Team at

You’ve heard our thoughts… We’d like to hear yours

The Schneider Downs Our Thoughts On blog exists to create a dialogue on issues that are important to organizations and individuals. While we enjoy sharing our ideas and insights, we’re especially interested in what you may have to say. If you have a question or a comment about this article – or any article from the Our Thoughts On blog – we hope you’ll share it with us. After all, a dialogue is an exchange of ideas, and we’d like to hear from you. Email us at

Material discussed is meant for informational purposes only, and it is not to be construed as investment, tax, or legal advice. Please note that individual situations can vary. Therefore, this information should be relied upon when coordinated with individual professional advice.

© 2020 Schneider Downs. All rights-reserved. All content on this site is property of Schneider Downs unless otherwise noted and should not be used without written permission.

our thoughts on

Ransomware Attack Disrupts Popular Sports Gambling Sites
Ransomware Victims May Now Face Federal Fines
Schneider Downs Shortlisted for PTC Tech 50 Cybersecurity Award
Cybersecurity Tips from Home Video Series
National Cybersecurity Awareness Month 2020
Zerologon: Instant Elevation to Domain Admin

Register to receive our weekly newsletter with our most recent columns and insights.

Have a question? Ask us!

We’d love to hear from you. Drop us a note, and we’ll respond to you as quickly as possible.

Ask us

contact us

Map of Pittsburgh Office

One PPG Place, Suite 1700
Pittsburgh, PA 15222
p:412.261.3644     f:412.261.4876

Map of Columbus Office

65 East State Street, Suite 2000
Columbus, OH 43215
p:614.621.4060     f:614.621.4062

Map of Washington Office
Washington, D.C.

1660 International Drive, Suite 600
McLean, VA 22102