Alexsey Belan and Evgeniy Bogachev, both Russian nationals, are on the FBI’s most-wanted list for cyber crimes. Both have been indicted in the U.S. on charges ranging from identity theft to bank fraud. But when the U.S. asked Moscow to detain them, it seems to have recruited them instead.
The Justice Department on Wednesday named Belan as one of four men who stole 500 million Yahoo user accounts in 2014. Two of the other men named were Russian intelligence agents, who are accused of recruiting Belan after the U.S. put out an international notice for his arrest in 2013.
“Instead of acting on the U.S. government’s Red Notice and detaining Belan after his return, Dokuchaev and Sushchin [the Russian intelligence agents] subsequently used him to gain unauthorized access to Yahoo’s network,” reads the Justice Department’s announcement.
Bogachev isn’t named in that indictment, but three days before it was announced, The New York Times reported he had a similar relationship with Russian intelligence. Rather than detaining Bogachev, the Russian government appears to have taken advantage of his vast network of malware-infected computers to spy on U.S. companies and agencies.
Before it became apparent Belan and Bogachev were colluding with Russian intelligence, both had racked up many criminal charges in the U.S. Belan had been charged with data theft in Las Vegas in 2012 and with computer fraud in San Francisco in 2013, according to the FBI. Bogachev had been charged with an even longer list of crimes, including racketeering and bank fraud, and the FBI issued a $3 million bounty for his capture in 2015.
At the end of 2016, after U.S. intelligence agencies determined Russia had made attempts to interfere in the 2016 presidential election, Barack Obama issued an executive order related to cybersecurity. The order leveled sanctions against several Russian companies, agencies and officials. It also named two civilians: Belan and Bogachev.
A White House fact sheet laid out the reasons for their inclusion in Obama’s order:
Aleksey Alekseyevich Belan engaged in the significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain. Belan compromised the computer networks of at least three major United States-based e-commerce companies.
Evgeniy Mikhailovich Bogachev is designated today for having engaged in significant malicious cyber-enabled misappropriation of financial information for private financial gain. Bogachev and his cybercriminal associates are responsible for the theft of over $100 million from U.S. financial institutions, Fortune 500 firms, universities, and government agencies.
The current whereabouts of Belan have not been reported. The FBI says Bogachev is currently living in Anapa, Russia, and that he often boats to various locations along the Black Sea.