1
00:00:01,769 --> 00:00:03,669
BEN: A Russian cyber gang
robs western banks.
2
00:00:03,771 --> 00:00:07,606
They would go for the $100,000
or $1,000,000 wire transfers.
3
00:00:07,708 --> 00:00:10,842
Their malware shows
links to Putin's government.
4
00:00:10,945 --> 00:00:12,444
When I saw the commands
and the comments,
5
00:00:12,546 --> 00:00:15,013
I knew that it was something
different from the rest.
6
00:00:15,115 --> 00:00:17,883
Do criminal hackers help
Russia spy on its enemies?
7
00:00:24,558 --> 00:00:27,159
And what does this say about
the country's hacking scene?
8
00:00:27,261 --> 00:00:32,130
They think to hack Americans is
like a heroic thing for them.
9
00:00:33,300 --> 00:00:43,308
♪
10
00:00:56,156 --> 00:00:58,056
Over the past few years,
I've reported for VICE
11
00:00:58,158 --> 00:01:00,492
from inside Russia, and
I've witnessed firsthand
12
00:01:00,594 --> 00:01:03,562
the authoritarian power of
the Vladimir Putin regime.
13
00:01:03,664 --> 00:01:06,164
I've also learned that hackers
at intelligence agencies,
14
00:01:06,267 --> 00:01:08,934
like the FSB, Russia's
State Security Service,
15
00:01:09,036 --> 00:01:11,203
have a murky relationship.
16
00:01:11,305 --> 00:01:13,939
The country's hackers make
headlines around the world
17
00:01:14,041 --> 00:01:17,576
for thefts and politically
motivated cyber-attacks.
18
00:01:17,678 --> 00:01:22,214
Just ask Hilary Clinton and the
Democratic National Committee.
19
00:01:22,316 --> 00:01:23,882
But how strong is the
collaboration between
20
00:01:23,984 --> 00:01:25,817
cyber criminals
and Russian spooks?
21
00:01:29,390 --> 00:01:31,723
I'm in Pittsburg, where
a little-known FBI office
22
00:01:31,825 --> 00:01:34,559
specializes in
cybercrime investigations.
23
00:01:34,662 --> 00:01:36,461
This is the spot
where the Feds disrupted
24
00:01:36,563 --> 00:01:38,930
one of the most sophisticated
and lucrative malware schemes
25
00:01:39,033 --> 00:01:40,932
ever discovered.
26
00:01:41,035 --> 00:01:43,869
"Gameover ZeuS" infected
over a million computers,
27
00:01:43,971 --> 00:01:48,040
creating a network, or
Botnet, that spanned the globe.
28
00:01:48,142 --> 00:01:51,743
Those infected computers helped
hackers rob more than 150 banks
29
00:01:51,845 --> 00:01:54,746
around the world, stealing
more than $100 million from
30
00:01:54,848 --> 00:01:58,750
US banks alone, and in such
a way that was hard to trace.
31
00:01:58,852 --> 00:02:01,286
And Cryptolocker, a
ransomware program installed
32
00:02:01,388 --> 00:02:04,589
by Gameover ZeuS, shut hundreds
of thousands of users out of
33
00:02:04,692 --> 00:02:08,126
their own computers until they
paid to have them unlocked.
34
00:02:08,228 --> 00:02:11,129
After taking down the
Botnet, the FBI identified
35
00:02:11,231 --> 00:02:15,600
the mastermind as a Russian
suspect named Evgeniy Bogachev,
36
00:02:15,703 --> 00:02:18,570
and made him number one on their
Most Wanted Cyber Criminal List.
37
00:02:19,740 --> 00:02:21,773
Scott Smith was the
Special Agent who led
38
00:02:21,875 --> 00:02:24,309
FBI Pittsburgh.
39
00:02:24,411 --> 00:02:27,179
And who was it targeting
specifically, Gameover ZeuS?
40
00:02:27,281 --> 00:02:29,815
It was mostly targeting
the banking industry,
41
00:02:29,917 --> 00:02:32,751
or payrolls, larger businesses.
42
00:02:32,853 --> 00:02:35,587
It was trying to get
the banking credentials,
43
00:02:35,689 --> 00:02:39,991
passwords, and get in and do
large-scale wire transfers.
44
00:02:40,094 --> 00:02:43,395
They generally were not
looking for some of the
45
00:02:43,497 --> 00:02:48,100
individual private accounts
for $1,000 or $2,000.
46
00:02:48,202 --> 00:02:49,868
It just wasn't what they...
47
00:02:49,970 --> 00:02:53,705
They had so much access
to so much larger accounts,
48
00:02:53,807 --> 00:02:57,509
they would go for the $100,000
or $1,000,000 wire transfers.
49
00:02:58,812 --> 00:03:01,213
The FBI pinned Gameover ZeuS
on an organized group
50
00:03:01,315 --> 00:03:04,383
based in Russian
dubbed the "Business Club".
51
00:03:04,485 --> 00:03:06,184
And at the head of it
was a mysterious character
52
00:03:06,286 --> 00:03:09,187
named Evgeniy Bogachev,
AKA Slavik.
53
00:03:09,289 --> 00:03:11,289
So who is the Business Club?
54
00:03:11,392 --> 00:03:16,328
Business Club is a pretty
close-net organization.
55
00:03:16,430 --> 00:03:18,730
Each person headed
their specialty,
56
00:03:18,832 --> 00:03:20,365
or area of responsibility.
57
00:03:20,467 --> 00:03:23,368
You know, those that would
work on the infrastructure,
58
00:03:23,470 --> 00:03:26,204
those that would supply
the mules that would take out
59
00:03:26,306 --> 00:03:28,673
the money, those that would
create the accounts that would
60
00:03:28,776 --> 00:03:32,744
sweep the funds to, those that
have more technical abilities
61
00:03:32,846 --> 00:03:36,515
to tweak the malware and
direct it and put it out.
62
00:03:36,617 --> 00:03:38,483
And we know that there is
63
00:03:38,585 --> 00:03:40,185
a certain character
at the centre of it...
64
00:03:40,287 --> 00:03:41,853
BOTH: Bogachev.
65
00:03:41,955 --> 00:03:43,155
Yeah, Bogachev.
66
00:03:43,257 --> 00:03:44,589
So you're pretty
familiar with this guy?
67
00:03:44,691 --> 00:03:47,959
Yeah, he was the...
in a sense, the head.
68
00:03:48,061 --> 00:03:53,265
He had both the technical skills
and the criminal background
69
00:03:53,367 --> 00:03:55,200
to bring together
the organization,
70
00:03:55,302 --> 00:03:57,502
to tie it together,
to make it profitable.
71
00:03:57,604 --> 00:04:00,872
You know, he actually
has a $3,000,000 reward
72
00:04:00,974 --> 00:04:03,341
for the apprehension
and prosecution.
73
00:04:03,444 --> 00:04:08,413
So that's the largest
for a cybercriminal ever.
74
00:04:08,515 --> 00:04:11,082
That entices a lot
of different people
75
00:04:11,185 --> 00:04:13,418
to help us out with
his apprehension.
76
00:04:13,520 --> 00:04:16,555
How has the Russian government
cooperated with your office,
77
00:04:16,657 --> 00:04:20,025
with the FBI, with
respect to Bogachev
78
00:04:20,127 --> 00:04:21,426
and some of these
cyber criminals?
79
00:04:21,528 --> 00:04:23,361
Have they been easy
to work with, or...?
80
00:04:23,464 --> 00:04:27,399
I'm sure they know who he is,
and to the extent they would
81
00:04:27,501 --> 00:04:32,204
help us, that's more of a...
sometimes political question
82
00:04:32,306 --> 00:04:35,207
than it is a FBI law
enforcement question.
83
00:04:36,710 --> 00:04:38,443
But if there's anything
I know about Russia,
84
00:04:38,545 --> 00:04:39,978
it's that the
extradition of their own,
85
00:04:40,080 --> 00:04:43,381
especially to the good old
US of A, is unthinkable.
86
00:04:43,484 --> 00:04:45,584
But there may be another
reason that the indicted hacker,
87
00:04:45,686 --> 00:04:48,153
Bogachev, feels
protected in Russia.
88
00:04:48,255 --> 00:04:49,721
After looking at Gameover ZeuS,
89
00:04:49,823 --> 00:04:52,457
a Dutch security company
called Fox-IT discovered that
90
00:04:52,559 --> 00:04:55,827
the malware had been retooled
with an espionage component.
91
00:04:55,929 --> 00:04:58,163
The targets, which
included foreign ministries
92
00:04:58,265 --> 00:05:01,500
and intelligence agencies, were
written right into the code.
93
00:05:01,602 --> 00:05:03,835
And they were all in the
wheelhouse of the FSB,
94
00:05:03,937 --> 00:05:06,771
Russia's security and intel
agency that's the successor
95
00:05:06,874 --> 00:05:08,006
to the KGB.
96
00:05:08,108 --> 00:05:09,641
When I saw the
commands and the comments,
97
00:05:09,743 --> 00:05:12,177
I knew that it was something
different from the rest.
98
00:05:12,279 --> 00:05:14,479
Started researching it,
and you know, quite quickly
99
00:05:14,581 --> 00:05:15,847
figured out what it was.
100
00:05:15,949 --> 00:05:17,649
This is Michael Sandee.
101
00:05:17,751 --> 00:05:19,751
He's a financial malware
expert who's been tracking
102
00:05:19,853 --> 00:05:23,788
Gameover ZeuS and obsessing
over Bogachev for years.
103
00:05:23,891 --> 00:05:25,023
So what about that?
104
00:05:25,125 --> 00:05:27,025
There was a surveillance
aspect to Gameover ZeuS.
105
00:05:27,127 --> 00:05:28,493
So it wasn't just
stealing money,
106
00:05:28,595 --> 00:05:32,464
it was also espionage
against very specific targets.
107
00:05:32,566 --> 00:05:35,534
The most obvious ones
were Turkey and Georgia,
108
00:05:35,636 --> 00:05:38,169
and later when the...
109
00:05:38,272 --> 00:05:41,106
you know, the more recent
Ukrainian conflict started,
110
00:05:41,208 --> 00:05:43,341
they started to
target Ukraine as well.
111
00:05:43,443 --> 00:05:48,313
There were actual specific
names of government employees
112
00:05:48,415 --> 00:05:50,782
that were listed in
their search commands.
113
00:05:50,884 --> 00:05:54,085
But would you say that
the evidence suggests that,
114
00:05:54,187 --> 00:05:59,324
in some way, some possible
Russian agent with the FSB,
115
00:05:59,426 --> 00:06:01,960
or some of their state
intelligence services,
116
00:06:02,062 --> 00:06:05,230
slipped some names or some
search terms to Bogachev
117
00:06:05,332 --> 00:06:07,065
to insert into Gameover ZeuS?
118
00:06:07,167 --> 00:06:10,035
Yeah, that is a
very good possibility.
119
00:06:10,137 --> 00:06:13,038
Like it was just a large
amount of commands in there.
120
00:06:13,140 --> 00:06:15,307
You know, when you
see them all together,
121
00:06:15,409 --> 00:06:17,809
you know well, this is
not just, you know...
122
00:06:17,911 --> 00:06:20,579
he himself just thinking up,
you know, search terms.
123
00:06:20,681 --> 00:06:22,881
This is something that was
given to him, obviously.
124
00:06:22,983 --> 00:06:25,984
There's a $3,000,000
bounty on Bogachev
125
00:06:26,086 --> 00:06:27,752
from the US government;
that's a lot of money.
126
00:06:27,854 --> 00:06:29,054
It is.
127
00:06:29,156 --> 00:06:31,723
But nobody's found
him, in the world.
128
00:06:31,825 --> 00:06:33,558
So what's... what's with that?
129
00:06:33,660 --> 00:06:34,993
Why hasn't anybody found him,
130
00:06:35,095 --> 00:06:36,528
and why hasn't he
been apprehended?
131
00:06:36,630 --> 00:06:38,730
Yeah, it's a good question.
132
00:06:38,832 --> 00:06:41,032
Obviously I also don't
know, because if I knew,
133
00:06:41,134 --> 00:06:43,602
then you know, I
would be cashing in
134
00:06:43,704 --> 00:06:45,070
that $3,000,000 obviously.
135
00:06:45,172 --> 00:06:47,205
But you know, a number of
things could have happened.
136
00:06:47,307 --> 00:06:51,242
Maybe he is now full-time
working for the government,
137
00:06:51,345 --> 00:06:53,778
or he has really
disappeared somewhere.
138
00:06:53,880 --> 00:06:56,481
It's really difficult to say.
139
00:06:57,951 --> 00:07:00,118
With a multi-million
dollar bounty on his head,
140
00:07:00,220 --> 00:07:02,754
Bogachev is going to be
a tough guy to track down.
141
00:07:02,856 --> 00:07:05,590
But even if it is next to
impossible to meet the legendary
142
00:07:05,692 --> 00:07:08,493
Slavik, I want to get on the
ground with Russian hackers
143
00:07:08,595 --> 00:07:10,161
to see the scene for myself.
144
00:07:14,701 --> 00:07:16,034
BEN: I'm in Moscow,
trying to learn more
145
00:07:16,136 --> 00:07:18,269
about the links between
Russian black hat hackers
146
00:07:18,372 --> 00:07:20,472
and the country's spy agencies.
147
00:07:20,574 --> 00:07:22,607
I'm looking into the case of
an infamous Russian hacker
148
00:07:22,709 --> 00:07:24,542
named Evgeniy Bogachev.
149
00:07:24,645 --> 00:07:27,579
He's the FBI's number one
Most Wanted Cyber Criminal,
150
00:07:27,681 --> 00:07:29,614
but rumour has it he's
under the protection
151
00:07:29,716 --> 00:07:32,250
of Putin's government,
and that makes sense.
152
00:07:32,352 --> 00:07:34,919
Turns out the malware
Bogachev used to rob banks
153
00:07:35,022 --> 00:07:37,122
also contains
surveillance software
154
00:07:37,224 --> 00:07:39,658
serving the country's
geopolitical interests.
155
00:07:39,760 --> 00:07:43,595
Andrey Soshnikov is a
BBC reporter in Moscow.
156
00:07:43,697 --> 00:07:46,297
He became known for
exposing Russia's troll farms,
157
00:07:46,400 --> 00:07:49,100
which spread pro-Russian and
anti-American propaganda
158
00:07:49,202 --> 00:07:50,835
around the world.
159
00:07:50,937 --> 00:07:52,971
I asked him about the
hacking scene in Russia,
160
00:07:53,073 --> 00:07:54,773
and how Bogachev fits into it.
161
00:07:54,875 --> 00:07:57,475
Bogachev is a legend, of course.
162
00:07:57,577 --> 00:08:00,278
Still number one
on the FBI list.
163
00:08:00,380 --> 00:08:02,280
I know his fans.
164
00:08:02,382 --> 00:08:07,419
Some of my people I know,
they pray for Bogachev.
165
00:08:07,521 --> 00:08:09,688
And why is he such
a legend in Russia?
166
00:08:09,790 --> 00:08:11,289
A bright mind.
167
00:08:11,391 --> 00:08:13,725
He has such a-- he's so clever.
168
00:08:13,827 --> 00:08:19,497
They think to hack Americans is
like a heroic thing for them.
169
00:08:19,599 --> 00:08:23,968
America is our former enemy,
170
00:08:24,071 --> 00:08:28,473
and it's our kind
of enemy nowadays.
171
00:08:28,575 --> 00:08:32,010
Americans use their
infrastructure to monopolize
172
00:08:32,112 --> 00:08:35,780
internet, and some day
they can use it against us.
173
00:08:35,882 --> 00:08:40,552
So hacking them, it shows
them that we are stronger,
174
00:08:40,654 --> 00:08:42,353
that we have the best minds.
175
00:08:42,456 --> 00:08:43,788
Is the Russian government
interested in bringing
176
00:08:43,890 --> 00:08:45,490
Bogachev to justice,
like to jail?
177
00:08:45,592 --> 00:08:47,025
No, absolutely not.
178
00:08:47,127 --> 00:08:48,626
- No?
- No, absolutely not.
179
00:08:48,729 --> 00:08:50,829
Because they receive no
punishment for hacking
180
00:08:50,931 --> 00:08:52,831
out of the country.
181
00:08:52,933 --> 00:08:54,966
So then how do some of
these people get into
182
00:08:55,068 --> 00:08:58,536
the black market and work
for criminal syndicates?
183
00:08:58,638 --> 00:09:00,538
It's not the black market.
184
00:09:00,640 --> 00:09:04,109
You can call it black market;
it's just a free market.
185
00:09:04,211 --> 00:09:09,547
There's no security service
trying to put this down.
186
00:09:09,649 --> 00:09:11,850
They use it themselves because
187
00:09:11,952 --> 00:09:18,890
they can't afford to
use hackers full-time.
188
00:09:18,992 --> 00:09:21,259
So they just can hire them.
189
00:09:21,361 --> 00:09:24,028
Speaking to
ordinary people like me,
190
00:09:24,131 --> 00:09:27,031
I can use this black
market too, if I need.
191
00:09:27,134 --> 00:09:31,636
I can just connect to one
website, and I can hire
192
00:09:31,738 --> 00:09:36,708
any expert I need
in this cyber fraud,
193
00:09:36,810 --> 00:09:39,944
hacker, everything I need.
194
00:09:40,947 --> 00:09:43,248
Russia may have some of the
world's most notorious hackers,
195
00:09:43,350 --> 00:09:45,083
but it's also home
to some of the world's
196
00:09:45,185 --> 00:09:47,085
best security researchers.
197
00:09:47,187 --> 00:09:49,387
I'm at the headquarters of the
Russian cyber security giant,
198
00:09:49,489 --> 00:09:50,855
Kaspersky.
199
00:09:50,957 --> 00:09:53,091
It's a private company,
but it frequently works with
200
00:09:53,193 --> 00:09:56,127
Russian law enforcement in
cybercrime investigations.
201
00:09:56,229 --> 00:09:58,763
Looks like a
government command centre.
202
00:09:58,865 --> 00:10:00,131
Yeah, yeah, yeah.
(Laughing)
203
00:10:00,233 --> 00:10:02,967
So we have three
rooms like this in Moscow,
204
00:10:03,069 --> 00:10:04,936
Seattle, and Beijing.
205
00:10:05,038 --> 00:10:06,738
And is this all just code?
206
00:10:06,840 --> 00:10:10,308
Yes, it's machine code, machine
code of one of the most known,
207
00:10:10,410 --> 00:10:11,576
the ZeuS.
208
00:10:11,678 --> 00:10:13,378
- ZeuS, right.
- ZeuS malware, yeah.
209
00:10:13,480 --> 00:10:16,714
This is the larger-than-life
big boss of Kaspersky,
210
00:10:16,817 --> 00:10:18,616
Eugene Kaspersky.
211
00:10:18,718 --> 00:10:20,318
He's known for
throwing epic parties
212
00:10:20,420 --> 00:10:22,720
and as a pioneer
of anti-malware.
213
00:10:22,823 --> 00:10:24,756
Some people, they
collect post stamps...
214
00:10:24,858 --> 00:10:26,825
(Laughing)
Butterflies.
215
00:10:26,927 --> 00:10:30,829
So I was... I was collecting
computer viruses as a hobby,
216
00:10:30,931 --> 00:10:34,833
and then my hobby
slowly became my job.
217
00:10:34,935 --> 00:10:37,435
But now you say that the
best hackers in the world
218
00:10:37,537 --> 00:10:39,170
are in Russia.
219
00:10:39,272 --> 00:10:40,805
Unfortunately, yes.
220
00:10:40,907 --> 00:10:44,776
Well, we estimate that
now there are about a dozen
221
00:10:44,878 --> 00:10:50,081
Russian-speaking criminal
gangs, cybercriminal gangs,
222
00:10:50,183 --> 00:10:52,016
which are very professional
223
00:10:52,118 --> 00:10:54,919
and they're quite
a serious problem.
224
00:10:55,021 --> 00:10:56,754
And Kaspersky,
as I understand it,
225
00:10:56,857 --> 00:10:58,256
is tracking some
of these groups.
226
00:10:58,358 --> 00:10:59,424
Yes, of course.
227
00:10:59,526 --> 00:11:01,259
It's a company mission
to save the world,
228
00:11:01,361 --> 00:11:02,760
to save the cyber world.
229
00:11:02,863 --> 00:11:05,363
Why is it so hard to
catch people like Bogachev,
230
00:11:05,465 --> 00:11:07,198
who are these, you
know, brilliant hackers?
231
00:11:07,300 --> 00:11:10,368
In some cases, they
are really professional,
232
00:11:10,470 --> 00:11:14,639
so they can stay in the shadow
for a long, long time.
233
00:11:14,741 --> 00:11:18,776
And for example, they don't
attack victims on the territory
234
00:11:18,879 --> 00:11:22,847
of their own country, so
the local law enforcement,
235
00:11:22,949 --> 00:11:25,383
they don't have the...
236
00:11:25,485 --> 00:11:27,785
the permission to
start the criminal case.
237
00:11:27,888 --> 00:11:30,455
Simply because there
was no, zero victims
238
00:11:30,557 --> 00:11:32,056
on territory of Russia.
239
00:11:32,158 --> 00:11:34,692
With no victims inside the
country, Bogachev and his group
240
00:11:34,794 --> 00:11:37,395
may not have to worry about
the Russian authorities,
241
00:11:37,497 --> 00:11:39,898
but he's still the FBI's
Most Wanted Cyber Criminal.
242
00:11:40,000 --> 00:11:43,234
I'm in Las Vegas to meet an
expert on Russian cyber gangs.
243
00:11:43,336 --> 00:11:45,837
He made a name for himself
by trolling the dark web and
244
00:11:45,939 --> 00:11:48,806
revealing the inner workings
of several major crime rings.
245
00:11:48,909 --> 00:11:51,676
As you can imagine,
Brian Krebs has also managed
246
00:11:51,778 --> 00:11:53,378
to piss off said rings.
247
00:11:53,480 --> 00:11:55,346
One hacker tried
to get even with him
248
00:11:55,448 --> 00:11:58,049
by sending a gram of
high-grade heroin to his house,
249
00:11:58,151 --> 00:12:00,852
and then phoning in
a tip to the cops.
250
00:12:00,954 --> 00:12:02,887
One thing I wanted to ask
you about, because you said
251
00:12:02,989 --> 00:12:06,824
the Russian government
condones hacking or hackers;
252
00:12:06,927 --> 00:12:08,826
what do you know about
kind of the connections
253
00:12:08,929 --> 00:12:12,397
between Russian intel
and hiring freelancers?
254
00:12:12,499 --> 00:12:14,065
What's the relationship there?
255
00:12:14,167 --> 00:12:17,535
I've long suspected that
some of the longest running
256
00:12:17,637 --> 00:12:21,105
Russian hacker forums are
actually run by the FSB.
257
00:12:21,207 --> 00:12:22,674
Really?
258
00:12:22,776 --> 00:12:24,709
I'm sure, because they have
to know who these people are.
259
00:12:24,811 --> 00:12:30,448
And... And when they
become useful for some reason,
260
00:12:30,550 --> 00:12:34,285
their government's not shy
about making that desire known.
261
00:12:34,387 --> 00:12:36,854
Some of the guys that I've
been able to track down,
262
00:12:36,957 --> 00:12:38,856
a lot of these guys kind of
romanticize the way
263
00:12:38,959 --> 00:12:41,926
the Soviet Union was, and they
sort of want that to be...
264
00:12:42,028 --> 00:12:44,062
they want Russia to
be a superpower again.
265
00:12:44,164 --> 00:12:47,198
They want Russia to be
somebody to be reckoned with.
266
00:12:47,300 --> 00:12:50,034
BEN: Which brings me to
another character: Bogachev.
267
00:12:50,136 --> 00:12:51,569
BRIAN: He's a really
interesting guy.
268
00:12:51,671 --> 00:12:53,638
He's an interesting guy, 'cause
one thing that we've seen in
269
00:12:53,740 --> 00:12:57,442
Gameover ZeuS, there was
actual surveillance information,
270
00:12:57,544 --> 00:12:59,978
or surveillance tools,
inside of his code.
271
00:13:00,080 --> 00:13:03,081
He was trying to gather
stuff on Turkey, and FSA,
272
00:13:03,183 --> 00:13:04,916
and Georgia, and Ukraine.
273
00:13:05,018 --> 00:13:06,584
Why would he have done that?
274
00:13:06,686 --> 00:13:08,152
This is a guy who's been
only interested in money
275
00:13:08,254 --> 00:13:09,988
for this many years.
276
00:13:10,090 --> 00:13:12,457
You know, I mean, you increase
your usefulness if you have that
277
00:13:12,559 --> 00:13:16,127
kind of access, so... and a guy
like that would need protection.
278
00:13:16,229 --> 00:13:17,962
Oh yeah, the FBI is
very interested still.
279
00:13:18,064 --> 00:13:21,966
He's probably not able
to leave Russia... ever.
280
00:13:22,068 --> 00:13:23,601
(Laughing)
281
00:13:23,703 --> 00:13:24,969
I mean, if he does, you know,
282
00:13:25,071 --> 00:13:26,671
there's a good chance
he'll get picked up.
283
00:13:31,344 --> 00:13:33,011
BEN: I reached out to all
of my sources and followed
284
00:13:33,113 --> 00:13:35,780
every lead, but I haven't been
able to arrange a meeting
285
00:13:35,882 --> 00:13:38,616
with the notorious hacker,
Evgeniy Bogachev.
286
00:13:38,718 --> 00:13:40,985
I heard he was living
large in southern Russia,
287
00:13:41,087 --> 00:13:42,787
under the protection
of Russian intel.
288
00:13:42,889 --> 00:13:45,356
In fact, there was a rumour
he even got plastic surgery
289
00:13:45,458 --> 00:13:46,858
to avoid being recognized.
290
00:13:48,728 --> 00:13:50,661
Bogachev or not, I wanted to see
291
00:13:50,764 --> 00:13:53,698
this Russian cyber-criminal
underworld for myself.
292
00:13:55,402 --> 00:13:58,503
So I'm meeting with a famous
hacker here in Russia named NSD.
293
00:13:58,605 --> 00:14:00,271
He's a pretty
interesting character,
294
00:14:00,373 --> 00:14:03,608
'cause our local producer,
Dima, said he wanted VICE
295
00:14:03,710 --> 00:14:06,844
to buy shares in his
new Russian company,
296
00:14:06,946 --> 00:14:10,281
and he was also concerned that
the cameras that we're using
297
00:14:10,383 --> 00:14:12,183
would give him radiation.
298
00:14:12,285 --> 00:14:14,018
So this is gonna be
pretty interesting.
299
00:14:14,120 --> 00:14:19,390
♪
300
00:14:19,492 --> 00:14:20,658
Hello.
301
00:14:20,760 --> 00:14:22,126
Nice to meet you.
302
00:14:22,228 --> 00:14:26,164
Oleg Tolstykh, AKA NSD,
isn't of Middle Eastern descent,
303
00:14:26,266 --> 00:14:28,866
and dresses in the style
of a Gulf Sheik because
304
00:14:28,968 --> 00:14:31,335
"it feels good,"
as he said to me.
305
00:14:31,438 --> 00:14:33,137
He was once a notorious hacker,
306
00:14:33,239 --> 00:14:35,807
rumoured to be involved in
carding and bank theft.
307
00:14:35,909 --> 00:14:38,409
But after he appeared in
an infamous YouTube video,
308
00:14:38,511 --> 00:14:41,879
living the Russian hacker
life, he supposedly went legit.
309
00:14:41,981 --> 00:14:44,215
Now, he claims to run a
public software company
310
00:14:44,317 --> 00:14:46,717
that's listed on the
Moscow Stock Exchange.
311
00:14:46,820 --> 00:14:48,553
So I did see a video
of you before this.
312
00:14:48,655 --> 00:14:50,088
Do you know what video
I'm talking about?
313
00:15:09,509 --> 00:15:10,942
So when you were younger,
you were described as
314
00:15:11,044 --> 00:15:12,477
a computer genius.
315
00:15:12,579 --> 00:15:14,812
Was it tough though, when you
were younger, to make money?
316
00:15:38,805 --> 00:15:40,938
So I know you don't want
to talk about the dark side
317
00:15:41,040 --> 00:15:44,475
of the world of
Russian hackers,
318
00:15:44,577 --> 00:15:47,645
but I'm going to be
here for a few more days.
319
00:15:47,747 --> 00:15:49,280
Do you have any advice for me
320
00:15:49,382 --> 00:15:51,249
on how I can better
report on that world?
321
00:15:51,351 --> 00:15:53,651
Do you think any of
them would talk to me?
322
00:15:53,753 --> 00:15:55,920
- I think no.
- Why not?
323
00:15:56,022 --> 00:15:58,623
Uh... uh...
324
00:16:02,061 --> 00:16:04,795
Oleg gave me a true taste
of just how freaky and shadowy
325
00:16:04,898 --> 00:16:06,697
the Russian hacking world is.
326
00:16:08,501 --> 00:16:10,902
But I needed more, and got the
name of another supposed hacker
327
00:16:11,004 --> 00:16:13,004
with a colourful past.
328
00:16:13,106 --> 00:16:16,340
Warning: Things are
about to get even weirder.
329
00:16:16,442 --> 00:16:20,278
Meet a self-described
hacker who calls himself "Nc".
330
00:16:20,380 --> 00:16:23,981
I found him in a typical-looking
Soviet-era apartment block.
331
00:16:24,083 --> 00:16:25,683
Holy shit!
332
00:16:27,587 --> 00:16:29,353
[Bleep].
333
00:16:29,455 --> 00:16:32,857
It's just - He's even
got the weird TV going off
334
00:16:32,959 --> 00:16:34,392
in the corner for no reason.
335
00:16:34,494 --> 00:16:36,093
Very cool room.
336
00:16:41,067 --> 00:16:43,367
So, what do you hack?
337
00:17:10,463 --> 00:17:12,096
So what have you hacked,
stolen and sold?
338
00:17:22,208 --> 00:17:23,641
Why are you, why
are you stealing--
339
00:17:40,426 --> 00:17:41,726
(Chuckling)
340
00:17:41,828 --> 00:17:44,829
TRANSLATOR: He just got
like, you know, literally...
341
00:17:44,931 --> 00:17:46,931
- Hmm?
- No, I'm okay.
342
00:18:02,015 --> 00:18:04,415
Are you... Are you
hacking VICE right now?
343
00:18:04,517 --> 00:18:06,050
Oh, that's weird.
344
00:18:06,152 --> 00:18:07,585
This got real in a hurry.
345
00:18:14,661 --> 00:18:16,894
That's not gonna happen.
346
00:18:16,996 --> 00:18:19,096
I'm not giving him anything.
347
00:18:22,035 --> 00:18:24,702
You say you have
customers or clients?
348
00:18:24,804 --> 00:18:28,606
Are any of those...
you know, the FSB?
349
00:18:28,708 --> 00:18:30,341
The Russian government?
350
00:18:46,759 --> 00:18:49,293
Just like a
scene out of Hackers,
351
00:18:49,395 --> 00:18:51,429
and he would never
answer a question,
352
00:18:51,531 --> 00:18:54,165
and said, "Everything is
open, but I hack things."
353
00:18:55,768 --> 00:18:57,368
That was...
354
00:18:57,470 --> 00:18:59,170
That was --- insane.
355
00:19:03,710 --> 00:19:05,843
BEN: Here in Moscow, finding
a hacker who would talk openly
356
00:19:05,945 --> 00:19:08,312
about their relationship
with Russian intel
357
00:19:08,414 --> 00:19:11,782
was near impossible, until
we prowled a local hacker bar
358
00:19:11,884 --> 00:19:15,486
and met up with a woman
who calls herself "Eas7".
359
00:19:15,588 --> 00:19:18,356
She's a known hacker and once
worked on industrial espionage
360
00:19:18,458 --> 00:19:20,324
for the FSB.
361
00:19:20,426 --> 00:19:23,961
And is it a regular thing
for FSB to approach hackers,
362
00:19:24,063 --> 00:19:25,796
cyber criminals,
to do work for them?
363
00:19:25,898 --> 00:19:27,365
Is that something that
happens all the time in Russia?
364
00:20:08,641 --> 00:20:11,041
Have you ever worked with
anybody who could be classified
365
00:20:11,144 --> 00:20:14,178
as a "cybercriminal", somebody
who works in, you know, groups
366
00:20:14,280 --> 00:20:18,048
that will hack things for
money or for illegal purposes?
367
00:20:18,151 --> 00:20:20,251
Yes.
(Laughing)
368
00:20:41,174 --> 00:20:44,375
Is there a kind of unwritten
rule that hackers in Russia
369
00:20:44,477 --> 00:20:46,911
don't hack Russian institutions?
370
00:20:52,652 --> 00:20:55,486
Those industrial espionage
targets you were targeting,
371
00:20:55,588 --> 00:20:56,987
were they American companies?
372
00:21:18,811 --> 00:21:21,879
So, according to Eas7, the
Russian government hires
373
00:21:21,981 --> 00:21:24,582
freelancers to do some of
its dirty work, and many of
374
00:21:24,684 --> 00:21:27,785
those same hackers are involved
in criminal activities.
375
00:21:27,887 --> 00:21:29,787
Russian authorities don't
seem to care much about
376
00:21:29,889 --> 00:21:31,922
their citins hacking
foreign targets,
377
00:21:32,024 --> 00:21:34,458
and those hackers may even be
protected when they prove to be
378
00:21:34,560 --> 00:21:36,093
useful in other ways.
379
00:21:36,195 --> 00:21:38,596
That might explain why it's
so hard to find Bogachev,
380
00:21:38,698 --> 00:21:41,232
and why it's so hard to
attribute any attacks
381
00:21:41,334 --> 00:21:43,133
that come out of Russia.
382
00:21:43,236 --> 00:21:46,237
US intelligence officials,
for example, are confident
383
00:21:46,339 --> 00:21:48,305
that the Democratic
National Committee hack
384
00:21:48,407 --> 00:21:50,407
was directed by
the Russian government.
385
00:21:52,245 --> 00:21:54,278
But that doesn't necessarily
mean Putin's hackers
386
00:21:54,380 --> 00:21:56,680
were the ones actually
responsible for it.
387
00:21:56,782 --> 00:22:00,784
Maybe this is an arrangement
that suits the Putin regime?
388
00:22:00,887 --> 00:22:03,454
The government gets a steady
stream of hacking talent that
389
00:22:03,556 --> 00:22:07,191
can act outside of the
bounds of International Law...
390
00:22:07,293 --> 00:22:10,594
and Russian officials also
get plausible deniability
391
00:22:10,696 --> 00:22:13,631
for the attacks that ultimately
serve their interests.
392
00:22:13,733 --> 00:22:19,737
♪