Get updates delivered to you daily. Free and customizable.
USA TODAY
$10M reward for Russian hacking mastermind who targeted Ukraine
By USA TODAY,
3 days ago
Federal authorities are offering $10 million for help locating a Russian hacker accused of supporting the 2022 invasion of Ukraine by attacking government computers while posing as a common cybercriminal but in fact working with Russian military intelligence.
Amin Timovich Stigal attacked essential, non-military Ukrainian government computer systems before the invasion; published citizen data in an effort to sow doubt in the government; and later went after countries that supported Ukraine, including the U.S., according to a federal indictment filed this week in Maryland, where he targeted a U.S. government agency.
The Chechnya-born hacker ran a malware scheme known as “WhisperGate,” which is meant to look like a common ransomware attack . Federal prosecutors say WhisperGate is actually a “cyberweapon” designed to delete the victims’ data and render target computers inoperable.
Stigal, 22, operated the scheme for the Main Directorate of the General Staff (GRU), an infamous military intelligence agency created under former Soviet dictator Joseph Stalin.
“As alleged, the defendant conspired with Russian military intelligence on the eve of Russia’s unjust and unprovoked invasion of Ukraine,” said Attorney General Merrick B. Garland in a press release. “The Justice Department will continue to stand with Ukraine on every front in its fight against Russia’s war of aggression, including by holding accountable those who support Russia’s malicious cyber activity.”
The Russian operative remains at large. If convicted, he faces up to five years in prison. He is listed among the FBI’s Most Wanted cybercriminals .
Stigal and his unnamed GRU co-conspirators targeted some of the most-used Ukrainian government services in the months leading up to the invasion in February 2022.
The attacks hit at least two dozen protected computers, including at the Ukrainian Ministry of International Affairs, Treasury, Judiciary Administration, Agriculture, Ministry of Energy and State Emergency Service, the indictment says.
WhisperGate cyber hits were disguised to look like the work of a common cybercriminal, not statecraft, and were accompanied by messages demanding $10,000 in Bitcoin to recover stolen data.
But the hackers' real goal was to delete the data and render the state computers inoperable.
GRU hackers aimed directly at Ukrainian citizens as well, stealing the data of 13.5 million users of the government’s Portal for Digital Services (DIIA), an essential website for accessing government services and IDs, and listing it for sale on the darknet, court filings say.
They displayed messages on the DIIA website weeks ahead of the invasion that read, “Ukrainians! All information about you has become public, be afraid and expect the worst. This is for your past, present and future.”
Stigal and his co-conspirators hid their connections to the Russian government by using false identities, making false statements and using a network of computers around the world, including the U.S., according to the indictment. They funded their operations using Bitcoin.
Stigal began working with the GRU in December 2020, the indictment says.
Stigal and his WhisperGate co-conspirators began attacking countries supporting Ukraine following the invasion, including the U.S., according to the indictment.
The group went after the transportation infrastructure of an unnamed Central European country instrumental in delivering aid to Ukraine and a Maryland-based U.S. government agency.
Baltimore FBI agents investigating did not respond to questions about what government agency the group targeted.
Stigal and the hackers probed public-facing agency websites 63 times, according to the agency.
Get updates delivered to you daily. Free and customizable.
Welcome to NewsBreak, an open platform where diverse perspectives converge. Most of our content comes from established publications and journalists, as well as from our extensive network of tens of thousands of creators who contribute to our platform. We empower individuals to share insightful viewpoints through short posts and comments. It’s essential to note our commitment to transparency: our Terms of Use acknowledge that our services may not always be error-free, and our Community Standards emphasize our discretion in enforcing policies. We strive to foster a dynamic environment for free expression and robust discourse through safety guardrails of human and AI moderation. Join us in shaping the news narrative together.
Comments / 0