US Offers $10 Million Reward for Russian Intelligence Officers Behind NotPetya Cyberattacks

The U.S. Department of State is offering a reward of up to $10 million for information on the attackers behind the June 2017 “NotPetya” cyberattacks that had a massive impact on companies globally.

The NotPetya malware (also known as PetrWrap, exPetr, GoldenEye and Diskcoder.C) affected tens of thousands of systems around the world, causing billions of dollars in damage.

Global companies including Rosneft, AP Moller-Maersk, Merck, FedEx, Mondelez International, Nuance Communications, Reckitt Benckiser, and Saint-Gobain reported losing hundreds of millions of dollars due to the attack.

Specifically, the U.S. Government is “seeking information on six officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU)” for their role in the attacks that impacted U.S. critical infrastructure.

“Rewards for Justice (RFJ) program, which is administered by the Diplomatic Security Service, is offering a reward of up to $10 million for information leading to the identification or location of any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act (CFAA),” an annoucement said.

The U.S. State Department alleges that GRU officers Yuriy Sergeyevich Andrienko (Юрий Сергеевич Андриенко), Sergey Vladimirovich Detistov (Сергей Владимирович Детистов), Pavel Valeryevich Frolov (Павел Валерьевич Фролов), Anatoliy Sergeyevich Kovalev (Анатолий Сергеевич Ковалев), Artem Valeryevich Ochichenko (Артем Валерьевич Очиченко), and Petr Nikolayevich Pliskin (Петр Николаевич Плискин) were members of a group that deployed the destructive NotPetya malware.

According to the State Department, all six work in the GRU’s Unit 74455, also known as Sandworm Team, Telebots, Voodoo Bear, and Iron Viking.

NotPetya was attributed to Russia by several governments in 2018, and a grand jury indicted the six Russian officers for conducting cyberattacks back in October 2020.

Tips can be submitted via the Tor-based tips-reporting channel setup at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion (Tor browser required).