The U.S. federal government on Tuesday announced up to $10 million in rewards for information on six hackers associated with the Russian military intelligence agency.
“These men and women participated in malicious cyber activities on behalf of the Russian federal government against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act,” the State Department’s Rewards for Justice Program said.
All six Russian officers are members of an advanced persistent threat group called Sandworm (aka Voodoo Bear or Iron Viking), which is known to have been operating since at least 2008 with a specific focus on targeting entities in Ukraine with the aim of establishing an illicit, long-term presence in order to mine highly sensitive data.
The hackers, who are officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU), are as follows –
- Artem Valeryevich Ochichenko, who has been linked to technical reconnaissance and spear-phishing campaigns to gain unauthorized access to IT networks of critical infrastructure facilities worldwide
- Petr Nikolayevich Pliskin, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, and Yuriy Sergeyevich Andrienko, who are said to have developed components of the NotPetya and Olympic Destroyer malware used by the Russian government on June 27, 2017 to infect computer systems, and
- Anatoliy Sergeyevich Kovalev, who is accused of developing spear-phishing techniques and messages used by the Russian federal government to breach computer systems of critical infrastructure facilities
On October 15, 2020, the U.S. Justice Department indicted the aforementioned officers for carrying out destructive malware attacks with an aim to disrupt and destabilize other nations and cause financial losses, charging them with conspiracy to commit wire fraud and aggravated identity theft.
As part of the initiative, Rewards for Justice has set up a Tor website at “he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad[.]onion” that can be used to submit tips about these threat actors anonymously, or alternatively share the information via Signal, Telegram, or WhatsApp.
The Sandworm collective was most recently linked to a now-neutralized advanced botnet malware dubbed Cyclops Blink that ensnared internet-connected firewall devices and routers from WatchGuard and ASUS.
Other recent hacking activities associated with the group include the deployment of an upgraded version of the Industroyer malware against high-voltage electrical substations in Ukraine amidst the ongoing invasion.