BREAKING AT&T Data Breach: ‘Nearly All’ Wireless Customers Exposed in Massive Hack
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Malware & Threats

US Announces Charges, Reward for Russian National Behind Wiper Attacks on Ukraine

The US Justice Department has announced charges against Amin Stigal for conducting wiper cyberattacks on Ukraine in 2022.

Use of OT Cyberattack in Russia Ukraine War

The US Department of Justice has announced charges against a Russian national for his alleged role in a series of disruptive cyberattacks against Ukraine ahead of Russia’s full-scale invasion in February 2022.

The individual, Amin Timovich Stigal, is believed to be a member of Cadet Blizzard, a state-sponsored threat actor also known as DEV-0586 and Ruinous Ursa, which operates on behalf of Russia’s military intelligence (the Main Intelligence Directorate of the General Staff (GRU) of Russia).

According to court documents, the 22-year-old Stigal conspired to use a US company’s services to distribute WhisperGate to the systems of dozens of Ukrainian government entities.

A Master Boot Record (MBR) wiper masquerading as ransomware, WhisperGate was first seen on victim systems on January 13, 2022, but the attacks had been prepared months in advance.

The US attributed the attacks to Russia in May 2022 and released indicators of compromise (IOCs) associated with WhisperGate and other Russian malware families used in attacks against Ukraine.

Stigal and other conspirators, according to court documents, infected multiple Ukrainian government networks with the intent to completely destroy the target computers and related data. Additionally, the attackers exfiltrated sensitive data, defaced websites, and offered the stolen information for sale on the internet, to cast doubt on the safety of Ukrainian government systems and data.

In August 2022, Stigal was allegedly involved in hacking the transportation infrastructure of a Central European country supporting Ukraine.

Between August 2021 and February 2022, the Justice Department said Stigal and members of GRU abused the services of the same US-based company to probe the systems of a federal government agency in Maryland using the same methods used in the attacks against the Ukrainian government.

Advertisement. Scroll to continue reading.

Stigal remains at large, but the US is willing to pay a reward of up to $10 million for information on his whereabouts. If convicted, he faces up to five years in prison.

“The defendant conspired with Russian military intelligence on the eve of Russia’s unjust and unprovoked invasion of Ukraine to launch cyberattacks targeting the Ukrainian government and later targeting its allies, including the United States. The Justice Department will continue to stand with Ukraine on every front in its fight against Russia’s war of aggression,” Attorney General Merrick B. Garland said.

Related: The EU Targets Russia’s LNG Ghost Fleet With Sanctions

Related: EU Sanctions Six Russian Hackers

Related: Google, Microsoft: Russian Threat Actors Pose High Risk to Paris Olympics

Related: Europe’s Cybersecurity Chief Says Disruptive Attacks Have Doubled in 2024

Written By

Ionut Arghire is an international correspondent for SecurityWeek.

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Learn how to utilize tools, controls, and design models needed to properly secure cloud environments.

Register

Event: ICS Cybersecurity Conference

The leading industrial cybersecurity conference for Operations, Control Systems and IT/OT Security professionals to connect on SCADA, DCS PLC and field controller cybersecurity.

Register

People on the Move

ICS and OT cybersecurity solutions provider TXOne Networks appoints Stephen Driggers as new CRO

Identity orchestration provider Strata Identity appoints Aldo Pietropaolo as Field CTO

Cybersecurity provider for the aviation industry Cyviation has appointed Eliran Almog as Chief Executive Officer.

More People On The Move

Expert Insights