
FBI's Most-Wanted Hacker: Russia's "Part-Time" Spy

Updated: 2017-3-14 10:17:19 Source: The New York Times Chinese website Author: Anonymous

Russian Espionage Piggybacks on a Cybercriminal’s Hacking

To the F.B.I., Evgeniy M. Bogachev is the most wanted cybercriminal in the world. The bureau has announced a $3 million bounty for his capture, the most ever for computer crimes, and has been trying to track his movements in hopes of grabbing him if he strays outside his home turf in Russia.


He has been indicted in the United States, accused of creating a sprawling network of virus-infected computers to siphon hundreds of millions of dollars from bank accounts around the world, targeting anyone with enough money worth stealing — from a pest control company in North Carolina to a police department in Massachusetts to a Native American tribe in Washington.


In December, the Obama administration announced sanctions against Mr. Bogachev and five others in response to intelligence agencies’ conclusions that Russia had meddled in the presidential election. Publicly, law enforcement officials said it was his criminal exploits that landed Mr. Bogachev on the sanctions list, not any specific role in the hacking of the Democratic National Committee.


But it is clear that for Russia, he is more than just a criminal. At one point, Mr. Bogachev had control over as many as a million computers in multiple countries, with possible access to everything from family vacation photographs and term papers to business proposals and highly confidential personal information. It is almost certain that computers belonging to government officials and contractors in a number of countries were among the infected devices. For Russia’s surveillance-obsessed intelligence community, Mr. Bogachev’s exploits may have created an irresistible opportunity for espionage.


While Mr. Bogachev was draining bank accounts, it appears that the Russian authorities were looking over his shoulder, searching the same computers for files and emails. In effect, they were grafting an intelligence operation onto a far-reaching cybercriminal scheme, sparing themselves the hard work of hacking into the computers themselves, officials said.


From Thief to Russian Asset?


His involvement with Russian intelligence may help explain why Mr. Bogachev, 33, is hardly a man on the run. F.B.I. officials say he lives openly in Anapa, a run-down resort town on the Black Sea in southern Russia. He has a large apartment near the shore and possibly another in Moscow, officials say, as well as a collection of luxury cars, though he seems to favor driving his Jeep Grand Cherokee. American investigators say he enjoys sailing and owns a yacht.


Running the criminal scheme was hard work. Mr. Bogachev often complained of being exhausted and “of having too little time for his family,” said Aleksandr Panin, a Russian hacker, now in a federal prison in Kentucky for bank fraud, who used to communicate with Mr. Bogachev online. “He mentioned a wife and two kids as far as I remember,” Mr. Panin wrote in an email.


Beyond that, little is known about Mr. Bogachev, who preferred to operate anonymously behind various screen names: slavik, lucky12345, pollingsoon. Even close business associates never met him in person or knew his real name.


“He was very, very paranoid,” said J. Keith Mularski, an F.B.I. supervisor in Pittsburgh whose investigation of Mr. Bogachev led to an indictment in 2014. “He didn’t trust anybody.”


Russia does not have an extradition treaty with the United States, and Russian officials say that so long as Mr. Bogachev has not committed a crime on Russian territory, there are no grounds to arrest him.


Attempts to reach Mr. Bogachev for this article were unsuccessful. In response to questions, his lawyer in Anapa, Aleksei Stotskii, said, “The fact that he is wanted by the F.B.I. prevents me morally from saying anything.”


A line in Mr. Bogachev’s file with the Ukrainian Interior Ministry, which has helped the F.B.I. track his movements, describes him as “working under the supervision of a special unit of the F.S.B.,” referring to the Federal Security Service, Russia’s main intelligence agency. The F.S.B. did not respond to a request for comment.


That Mr. Bogachev remains at large “is the most powerful argument” that he is an asset of the Russian government, said Austin Berglas, who was an assistant special agent in charge of cyberinvestigations out of the F.B.I.’s New York field office until 2015. Hackers like Mr. Bogachev are “moonlighters,” Mr. Berglas said, “doing the bidding of Russian intelligence services, whether economic espionage or straight-up espionage.”


Such an arrangement offers the Kremlin a convenient cover story and an easy opportunity to take a peek into the extensive networks of computers infected by Russian hackers, security experts say. Russian intelligence agencies also appear to occasionally employ malware tools developed for criminal purposes, including the popular BlackEnergy, to attack the computers of enemy governments. The recent revelations by WikiLeaks about C.I.A. spying tools suggest that the agency also kept a large reference library of hacking kits, some of which appear to have been produced by Russia.


Fishing for Top Secrets


Mr. Bogachev’s hacking career began well over a decade ago, leading to the creation of a malicious software program called GameOver ZeuS, which he managed with the help of about a half-dozen close associates who called themselves the Business Club, according to the F.B.I. and security researchers. Working around the clock, his criminal gang infected an ever-growing network of computers. It was able to bypass the most advanced banking security measures to quickly empty accounts and transfer the money abroad through a web of intermediaries called money mules. F.B.I. officials said it was the most sophisticated online larceny scheme they had encountered — and for years, it was impenetrable.


Beginning around 2011, according to an analysis by Fox-IT, computers under Mr. Bogachev’s control started receiving requests for information — not about banking transactions, but for files relating to various geopolitical developments pulled from the headlines.


Around the time that former President Barack Obama publicly agreed to start sending small arms and ammunition to Syrian rebels, in 2013, Turkish computers infected by Mr. Bogachev’s network were hit with keyword searches that included the terms “weapon delivery” and “arms delivery.” There were also searches for “Russian mercenary” and “Caucasian mercenary,” suggesting concerns about Russian citizens fighting in the war.


Ahead of Russia’s military intervention in Ukraine in 2014, infected computers were searched for information about top-secret files from the country’s main intelligence directorate, the S.B.U. Some of the queries involved searches for personal information about government security officials, including emails from Georgia’s foreign intelligence service, the Turkish Foreign Ministry and others, said Michael Sandee, one of the researchers from Fox-IT.


In the summer of 2014, the F.B.I., together with law enforcement agencies in over half a dozen countries, carried out Operation Tovar, a coordinated attack on Mr. Bogachev’s criminal infrastructure that shut down his network and liberated computers infected with GameOver ZeuS.


Prosecutors said they were in talks with the Russian government, trying to secure cooperation for the capture of Mr. Bogachev. But the only apparent legal trouble Mr. Bogachev has faced in Russia was a lawsuit filed against him by a real estate company in 2011 over payment of about $75,000 on his apartment in Anapa, according to court papers there. And even that he managed to beat.


These days, officials believe Mr. Bogachev is living under his own name in Anapa and occasionally takes boat trips to Crimea, the Ukrainian peninsula that Russia occupied in 2014. Mr. Mularski, the F.B.I. supervisor, said his agents were “still pursuing leads.”


This article was published on the New York Times Chinese website (http://cn.nytimes.com); copyright belongs to The New York Times Company. No organization or individual may reproduce or translate it without permission.
