The US Department of Justice will give $3m reward for information leading to the arrest of the Russian man accused of being administrator of the GameOver Zeus botnet.
The botnet was used to steal online banking credentials from Microsoft Windows computers. It infected more than one million machines globally and about $100m was stolen.
A statement from the US Department of Justice said the US Department of State's Transnational Organized Crime Rewards Program is offering up to $3m as a reward for information leading to the arrest and/or conviction of Evgeniy Mikhailovich Bogachev.
The department described Bogachev as "a Russian national wanted by the Federal Bureau of Investigation for his alleged participation in a major cyber racketeering enterprise."
Although the botnet was dismantled, the US authorities are still looking for the man seen as its kingpin.
Read more about cyber crime
- A variant of the data-stealing Zeus Trojan – best known for targeting online banking – is using a new technique to bypass security systems, researchers have found
- Authorities are seeking a suspected Russian cyber crime kingpin after a worldwide co-ordinated operation of unprecedented scale to shut down botnet command and control servers
- Security experts say the customizable and readily available Zeus Trojan is stealing banking credentials to siphon money from accounts
Assistant attorney general Leslie Caldwell described Bogachev as a significant part of the puzzle, who remains at large.
“Although we were able to significantly disrupt the GameOver Zeus and Cryptolocker criminal enterprise, we have not yet brought Bogachev himself to justice," she said.
Authorities have been looking for Bogachev since June 2014, following a worldwide co-ordinated operation of unprecedented scale to shut down botnet command and control servers.
The Department of Justice warmed that criminals are still developing botnets, and are able to build a new botnet of this type quickly and from scratch.
Earlier in February 2015, a variant of the Zeus Trojan was found by researchers.
On 1 February 2014, US-based Malcovery Security alerted the security community and law enforcement agencies after its researchers identified a varient of the botnet and observed its use trending upwards.