An individual from Russia, aged 22, has been charged in the U.S. for his purported involvement in orchestrating harmful cyber offensives against Ukraine and its associates in the period leading up to Russia’s full-scale military incursion into Ukraine in early 2022.
The individual in question, Amin Timovich Stigal, is suspected to be linked to the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). He is currently evading capture. In the event of a conviction, he could be sentenced to a maximum of five years in prison.
Simultaneously, the U.S. Department of State’s Rewards for Justice program is providing a reward of up to $10 million for any details regarding his location or the malevolent cyber assaults with which he is connected.
“The accused collaborated with Russian military intelligence just prior to Russia’s unfair and unfounded invasion of Ukraine to initiate cyberattacks aimed at the Ukrainian government and subsequently targeting its partners, including the United States,” stated Attorney General Merrick B. Garland.
The assaults involved the deployment of a wiper malware named WhisperGate (also known as PAYWIPE) that was used in intrusions aimed at government, non-profit, and information technology bodies in Ukraine. The attacks were initially detected around mid-January 2022.
“The malware was camouflaged as ransomware but, if activated by the attacker, would render the infected computer system unusable,” stated Microsoft. The technology behemoth is monitoring the cluster under the code name Cadet Blizzard.
As per legal documents, Stigal and his associates purportedly utilized the services of an undisclosed U.S.-based enterprise to disseminate WhisperGate and extract sensitive information, such as patient medical details.
Furthermore, they vandalized websites and marketed the stolen information on illicit online forums in an apparent bid to instill fear among the wider Ukrainian populace regarding the safety of government systems and data.
“From August 5, 2021, through February 3, 2022, the conspirators exploited the same computer network they used in the Ukraine-related assaults to probe computers linked to a federal governmental organization in Maryland in a manner similar to their probing of Ukrainian Government networks,” announced the Justice Department (DoJ).
Florida Resident Found Guilty of Violent Intrusions to Acquire Cryptocurrency
The recent development follows the DoJ’s announcement of the conviction of Remy St Felix, a 24-year-old resident of Florida, for forcibly entering residences, abducting individuals, inflicting violence, and pilfering cryptocurrency. St Felix was apprehended in July 2023.
“Victims of St Felix’s home break-ins were abducted in their own residences and instructed to access their cryptocurrency accounts and empty them,” the agency stated, adding “St Felix and his partners gained illicit access to their targets’ email accounts and conducted surveillance prior to executing the home breach robberies.”
In a particular incident highlighted by the DoJ, St Felix and an accomplice physically assaulted and restricted a victim and their spouse at gunpoint, while the rest transferred over $150,000 in cryptocurrency from the victim’s Coinbase account utilizing the AnyDesk remote desktop software. This brutal event occurred in North Carolina in April 2023.
The stolen digital assets were subsequently laundered through services like Monero and decentralized finance platforms that sidestepped know your customer (KYC) verifications to cover their tracks, with the offenders leveraging encrypted messaging apps to plan their actions.
St Felix, convicted on multiple counts including conspiracy, kidnapping, Hobbs Act robbery, wire fraud, and brandishing a firearm, could face a minimum of seven years in prison and a potential life sentence. His sentencing is scheduled for September 11, 2024.
About Author
