Skip to main content
Press Release

Charges Filed in Belarus as Part of an International Investigation into the Bugat Botnet

For Immediate Release
U.S. Attorney's Office, Western District of Pennsylvania

PITTSBURGH – Two Belarus citizens have been charged in Belarus for participating in an international criminal conspiracy that used the botnet known as “Bugat” to steal banking and other credentials from infected computers, David J. Hickton, U.S. Attorney for the Western District of Pennsylvania and Special Agent in Charge Scott S. Smith of the Federal Bureau of Investigation’s Pittsburgh Division announced today.

Aleskey Semeonovich Yaroshevich, 34, and Egor Nikolayevich Pavlenko, 41, both of Minsk, Belarus, are being investigated by the FBI as part of an international crime group responsible for the theft of money on the Internet and the distribution of malware programs. Yaroshevich and Pavlenko are in police custody.

An indictment returned in the Western District of Pennsylvania in August 2015 alleged that conspirators used the Bugat malware to steal banking credentials and then, using the stolen credentials, to initiate fraudulent electronic funds transfers of millions of dollars from the victims’ bank accounts into the accounts of money mules, who further transferred the stolen funds to other members of the conspiracy. The indictment detailed two electronic fund transfers from bank accounts held by Penneco Oil, based in Westmoreland County. According to the indictment, the conspirators caused the international transfer on Sept. 4, 2012, of $1,350,000 from a Penneco Oil account at First Commonwealth Bank to an account in Minsk, Belarus. Yaroshevich and Pavlenko are believed to be the recipients of that $1.35 million wire transfer.

“Chasing cyber criminals requires innovation, determination and international cooperation,” stated U.S Attorney Hickton. “As these arrests demonstrate, we will pursue participants in criminal organizations over borders and around the world to ensure they are held accountable.”

“We recognize and appreciate the willingness and efforts of our Belarusian law enforcement partners to investigate and prosecute this matter,” said FBI Special Agent in Charge Smith. “It is only through extensive international cooperation such as this, that we can ensure there is no safe haven for Cyber criminals.”

The Investigative Committee of the Republic of Belarus, Ministry of Internal Affairs and the Belarus Attorney General’s Office have posted a release in Russian detailing the Belarusian charges. The link to the press release is: http://sk.gov.by/ru/news-ru/view/sledstvennyj-komitet-belarusi-osuschestvljaet-sovmetsnuju-operatsiju-s-fbr-2588/

Updated May 10, 2016