May, 2019


top 5 hackers

Malware didn’t just appear out of nowhere, nor is it a product of the internet that was woven over time. Every single virus, Trojan, piece of spyware and so on that exists today was made by somebody. Either with love or hatred, but it is there, trying to sneak past the best antivirus software.

On the internet, there are literally countless cyber criminals, but only a few have earned the right to call themselves the most dangerous hackers of all time. They have risen to fame through serious online criminal activity, taking away millions in money and causing serious damage. So it felt important that we shed some light on these cyber criminals and their past activities.

Evgeniy Mikhailovich Bogachev

It is very rare that someone with rare cyber criminal skills ever gets discovered. Wondering what those are? Read on…

This fellow created a botnet that managed to infect millions of computers around the globe. The devices were infected with ransomware that stole a huge amount of the data stored on them. With this, Evgeniy earned an insane sum of money and caused over $100 million worth of damage, which earned him the attention of the Russian Government. They started tapping his network in order to find out more about him and what he was up to.

It took almost 2 years for the FBI and other international organisations just to find out his name. Later, they offered a three million dollar bounty (the biggest ever posted on a cyber criminal) to anyone who would help bring him to justice. Unfortunately, the Russian authorities didn’t care about the bounty, as he now lives openly in Anapa, a resort town on the Black Sea in southern Russia, where he has a number of luxury cars and a yacht. So far the Russian Government hasn’t admitted to working with him, but they refuse to arrest him, and his lifestyle definitely raises some questions.

Currently, he operates under usernames like slavik, lucky12345, pollingsoon, and others. What big thing is he planning next? We might never know.

Bureau 121

Next is another country’s agency, one specially structured to raise money for the regime and working day and night to sow chaos against state enemies. Wondering who it could be? It is none other than North Korea – high on power and digital ambitions. They not only have a military and other dangerous weapons but also a growing hacker army, working for the branch known as ‘Bureau 121’. Over the years they have been responsible for  but some are high-profile attacks that need special mention.

  1. Number one on the list is the WannaCry ransomware attack. Its incredible speed took the internet by surprise, spreading and infecting over 300,000 devices. It caused more than four billion dollars in damage.
  2. Bureau 121 is also responsible for a massive data leak at Sony Pictures in 2014. The production house was targeted because Seth Rogen’s comedy about the humiliation and assassination of “dear leader” Kim Jong Un antagonized the leader (so he had to do something about it). In the attack, countless personal emails and details were leaked, which cost Sony around fifteen million dollars to repair the damage.

Before you start hating the hackers, remember that they are no less victims than every other North Korean citizen. They are stuffed and crowded into overheated apartments with maximum security and limited freedom. North Korean hackers are expected to earn and hand over $60,000 to $100,000 a year through any means necessary. The result is not so good for those who fail to hit the mark. So instead of hating the players, hate the game.

The Equation Group & The Shadow Brokers

Let’s start with The Equation Group first. It is an informal name for the Tailored Access Operations (or TAO) unit of the US’s National Security Agency, or the NSA. Now, stay focused, as it might get a little confusing from here. Having come into existence in 2001, the group was a closely held secret before it was “discovered” in 2015. They surfaced when two types of spying malware – EquationDrug and GrayFish – were linked to the organisation. Another well-known thing about them is that they hoard vulnerabilities to ensure their hacks go undetected. It is also theorised that The Equation Group was behind Stuxnet, the worm that took down Iran’s nuclear program for a time.

Initially, the group existed to promote their national agenda at home and abroad, with a majority of their work found in Iran, Syria, Mali, India, Russia, Pakistan, and Afghanistan, among others. That could have been the end of it, as there’s nothing unusual about state hackers and they were also doing a great job of keeping a tight lid on their activities, but…

Then The Shadow Brokers happened.

Their origin is nothing but a mystery. They were discovered in 2016, and it is suggested that their sinister name is a nerdy reference to an information broker with a similar name from the Mass Effect video game series. Everything about them is a mystery, but they do live up to their name, leaving everyone in the shadows.

Their nature is truly hard to understand, but their activities are as real as they can get. In August 2016, a Twitter handle apparently owned by the group, @shadowbrokers, announced an auction that people could access through a web page and a GitHub repository that contained the instructions for it. The web page belonged to none other than the Equation Group, so now you can understand what they were offering. EternalBlue, EternalRomance, and other exploits that were essential to the creation of some of the most dangerous malware attacks of 2017, including the infamous WannaCry and NotPetya ransomware, were being auctioned by the Shadow Brokers.

Shadow Brokers made big bucks by selling off Equation Group’s secrets to the highest bidders but they didn’t stop at that. They kept on revealing their secrets to anyone who was willing to pay the fees.

Unit 8200

What’s one name for something that’s inspiring and terrifying at the same time? Don’t think so hard; let us answer it for you – Unit 8200. It is the pseudo-clandestine cyber intelligence branch of the Israeli government. Unit 8200 is an example of efficiency and skill, with a proven track record in public service and counter-terrorism activity. It has done some remarkable work in the cyber security world and actually has more women members than men.

But there’s a twist in the story. Unit 8200 is also responsible for developing some of the most terrifyingly efficient malware used for mass spying and for exploiting governments and civilians alike on an unprecedented scale anywhere in the world.

Founded in 1952 as the 2nd Intelligence Service Unit, Unit 8200 expanded into the largest unit in the Israeli Defense Force. Obviously, many of their activities are clandestine, which is usual for such units, but some of their conduct has slipped to the surface. They have foiled many terrorist attacks around the globe, helped in developing the Stuxnet virus and also produced Duqu 2.0, a spying malware that is way ahead of its time.

Fancy Bear

After reading this name, most of you would have thought “that’s a cute name”, right? If the group resembled the name it took up, it would not be on this list. Unfortunately, that’s not the world we live in.

Currently working under a lot of other names, Fancy Bear is a group that is strongly associated with the Russian Government and supports its cyber warfare activities. While they don’t encompass everything that Russia does online, Fancy Bear is the most dangerous group and has been responsible for some of the most high-profile hacks of the decade.

Started in 2008, they hacked into the Georgian government so that they could throw it into chaos before the Russian army invaded the country. Since then, their name has been associated with countless controversies and conflicts in the region. They excel in manipulating democracy, as they have done on many occasions in German, French and Ukrainian elections.

Despite being one of the most disruptive hacker groups in the world, Fancy Bear never took credit for any of their work. They like to work under the alias of Anonymous or ISIS. Considering the type of work they do, the group is not going anywhere anytime soon. This being the election year, they might wind up in the headlines soon enough.

Wrapping Up

The list is lacking in only one regard. The successful hackers are the ones who don’t leave a trace of who they are, taking great care never to get caught. Which means that the men and organisations on the list above were either careless or wanted the world to know about them. So they might be popular now, but they are not perfect.

The Author

Abhijeet Guha

Abhijeet is an active blogger with decent experience in the IT Security industry. He researches various topics related to cyber security and writes up his research in the form of articles and blogs. You can reach him at abhijeet@reveantivirus.com.