Press Releases

Treasury Sanctions Two Individuals for Malicious Cyber-Enabled Activities

(Archived Content)

WASHINGTON – Building on the authority previously provided to the Secretary of the Treasury, the President amended Executive Order 13694, “Blocking the Property of Certain Persons Engaging in Significant Malicious Cyber-Enabled Activities,” which was issued by President Obama on April 1, 2015 to authorize sanctions against individuals and entities that threaten the national security, foreign policy, or economic health or financial stability of the United States through involvement in malicious cyber-enabled activities that constitute tampering with, altering, or causing a misappropriation of information with the purpose or effect of interfering with or undermining election processes or institutions.  In an Annex to the amended E.O., the President imposed sanctions on five entities and four individuals in response to the Government of Russia’s interference with U.S. elections and processes in recent months.
In a parallel action, today, the Treasury Department’s Office of Foreign Assets Control (OFAC) imposed sanctions on two Russian individuals for engaging in malicious cyber-enabled activities pursuant to E.O. 13694.  Specifically, Evgeniy Mikhailovich Bogachev and Aleksey Alekseyevich Belan are being designated for their activities related to the significant misappropriation of funds or economic resources, trade secrets, personal identifiers, or financial information for private financial gain.  As a result of today’s action, any property or interests in property of the designated persons within U.S. jurisdiction must be blocked and U.S. persons are generally prohibited from engaging in transactions with them.
“The integrity and stability of our electronic systems are of utmost importance to our national security and we will hold accountable those who seek to compromise or tamper with those systems,” said Treasury Secretary Jacob J. Lew.  “Treasury will use all of its financial tools as part of the U.S. Government’s effort to counter those who engage in malicious cyber activities against our financial system or our national institutions.”
Today’s actions are the first sanctions imposed under this authority.  These measures reflect the continuing commitment of the United States Government to counter and deter the most significant cyber threats we face, including those who use cyber means to undermine democratic processes or institutions or to steal the financial and personal information of innocent individuals.
Evgeniy Mikhailovich Bogachev
Evgeniy Mikhailovich Bogachev was designated for having engaged in significant malicious cyber-enabled misappropriation of financial information for private financial gain.  Bogachev directly benefited from and enabled other cybercriminals to conduct their malicious cyber-enabled activities utilizing the Zeus malware, which he played a significant role in developing.  He managed the distribution and sales of the Zeus malware, as well as tailoring subsequent versions of Zeus to meet his clients’ needs. 
Bogachev is also directly responsible for the development and use of Cryptolocker, a form of ransomware, which is known to have held over 120,000 U.S. victims’ data hostage for financial gain.  Bogachev and his cybercriminal associates are responsible for the theft of over $100 million from U.S. financial institutions and government agencies.
Aleksey Alekseyevich Belan
Aleksey Alekseyevich Belan engaged in the significant malicious cyber-enabled misappropriation of personal identifiers for private financial gain.  Belan compromised the computer networks of at least three major United States-based e-commerce companies.  Belan used his unauthorized access on the e-commerce company networks to steal user data, including email addresses, customer names, and encrypted passwords, belonging to approximately 200 million accounts worldwide.  Belan actively engaged in successful efforts to sell the stolen information for private financial gain.