The Justice Department has charged a Russian citizen with conspiring to destroy Ukrainian government computer systems as part of a massive hacking effort carried out by Russia ahead of its illegal invasion of Ukraine.
US prosecutors in Maryland said on Wednesday that Amin Stigall, 22, is wanted for helping set up a server used by Russian government hackers to launch devastating cyberattacks on Ukrainian government ministries in January 2022, a month before the Kremlin ordered tanks and troops to cross Ukraine’s borders.
The cyber attack campaign, known as “Whispergate”, relied on so-called Wiper malware disguised as ransomware but deliberately and irreversibly corrupted data on infected devices. Prosecutors said the cyber attacks were designed to “create concern” among Ukrainian civil society about the security of their government’s systems.
Stigall is also accused of helping hackers working for Russia’s military intelligence unit — known as the GRU — target Ukraine’s allies, including the United States. The indictment against Stigall was unsealed Wednesday.
According to the unsealed indictment, Stigall allegedly used cryptocurrency to pay for and set up servers at an unnamed U.S. company that allowed Russian GRU hackers to launch cyberattacks targeting the Ukrainian government with data-destroying malware.
The indictment alleges that Russian hackers stole a wealth of data from Ukrainian government systems during cyber attacks, including citizens’ health data, criminal records and motor insurance data. The hackers later advertised this data for sale on well-known cybercrime forums.
US prosecutors say Russian hackers also targeted an unnamed US government agency based in Maryland dozens of times between 2021 and 2022 before the invasion, allowing prosecutors in the district to take jurisdiction over the case and charge Stigall.
Later in October 2022, Russian hackers used the same servers set up by Stigall to target the transport sector of an unnamed Central European country that US prosecutors said provided civilian and military aid to Ukraine after the invasion. The incident occurred at the same time as Cyber attack in Denmark in October 2022Due to which there was massive disruption and delay in the country’s railway network at that time.
The US government said It is offering a $10 million reward for information. This led to the location or capture of Stigall, who remains at large and is believed to be in Russia.
If convicted, Stigall could face up to five years in prison.
us-charges-russian-civilian-for-allegedly-helping-gru-spies-target-ukrainian-government-systems-with-data-destroying-malware-techcrunch
