A Russian hacker is indicted for crippling cyberattacks on Ukraine before the 2022 invasion. He’s accused of working with the GRU & using WhisperGate malware. The FBI is offering a $10 million reward for his capture.
A federal grand jury in Maryland has indicted Amin Timovich Stigal, a 22-year-old Russian hacker, for his involvement in a conspiracy to hack into Ukrainian cyberinfrastructure and destroy computer systems and data.
The Charges and Allegations
Stigal, who remains at large, is accused of collaborating with the Main Intelligence Directorate of the General Staff (GRU) of the Russian Federation. The GRU, known for its clandestine operations, is alleged to have utilised Stigal’s expertise to launch cyberattacks targeting Ukrainian government systems in the months leading up to Russia’s full-scale invasion of Ukraine in February 2022. These attacks aimed to cripple non-military government systems critical to Ukraine’s infrastructure.
“The defendant conspired with Russian military intelligence on the eve of Russia’s unjust and unprovoked invasion of Ukraine to launch cyberattacks targeting the Ukrainian government and later targeting its allies, including the United States,” said Attorney General Merrick B. Garland stated in a DoJ’s press release.
Details of the Cyberattacks
Court documents reveal that in January 2022, Stigal and his co-conspirators used malware known as “WhisperGate” to infect the computers of multiple Ukrainian government entities. WhisperGate was designed to appear as ransomware but was a destructive cyberweapon intended to obliterate the target computers and data.
The targets included critical departments such as the Ukrainian Ministry of International Affairs, the State Treasury, and the Ministry of Education and Science and nine others. In addition to the malware attacks, the hackers stole sensitive information such as patient health records, and defaced websites to instil fear among the Ukrainian populace. Messages on compromised sites warned, “Ukrainians! All information about you has become public, be afraid and expect the worst.”
International Impact and Further Attacks
The cyber offensive did not stop at Ukraine. Following the invasion, Stigal’s group allegedly targeted computer systems in countries supporting Ukraine, including a U.S. government agency based in Maryland and the transportation infrastructure of a Central European country aiding Ukraine. These attacks were part of a broader strategy to disrupt international support for Ukraine.
Assistant Attorney General Matthew G. Olsen emphasised the broader implications: “The GRU has repeatedly applied in cyberspace Russia’s statecraft of indiscriminate destruction and intimidation.”
The U.S. government, recognizing the severity of the threat, has offered a $10 million reward for information leading to Stigal’s capture. He is now listed among the FBI’s Most Wanted cybercriminals.
The FBI, leading the investigation, has reaffirmed its commitment to combating cyber threats. “Today’s indictment demonstrates the FBI’s unwavering commitment to combat malicious cyber activities by our adversaries,” said FBI Deputy Director Paul Abbate. “We will continue to work with our international partners to thwart attempts to undermine and harm our allies.”