The US State Department offered a reward of 10 million dollars for information on six hackers working for the GRU, Russia’s military intelligence service.
According to the indictment filed against six Russian hackers in 2020, they are involved in the emergence and spread of malware NotPetya. All of them have been linked to the infamous hacker group Sandworm.
U.S. officials said earlier that NotPetya’s malware caused $ 10 billion in damage worldwide, and a statement released yesterday said the U.S. organization’s malware cost a total of nearly $ 1 billion.
GRU officers Yuri Sergeyevich Andrienko, Sergei Vladimirovich Detistov, Pavel Valeyevich Frolov, Anatoly Sergeyevich Kovalev, Artem Valeyevich Ochichenko and Petar Nikolayevich Pliskin have been charged under the Computer Fraud and Abuse Act (CFAA) with attacks on critical infrastructure.
Six members of the GRU operated under Unit 74455, which some cybersecurity researchers also call the Voodoo Bear, the Telebots and the Iron Viking.
In 2020, hackers were charged with a number of crimes related to attacks on Ukraine, Georgia, France and South Korea.
In addition to NotPety’s malware, the group used destructive malware such as KillDisk and Industroyer to cause power outages in Ukraine. They also used Olympic Destroyer malware to attack systems used during the 2018 Pyongyang Winter Olympics, and in 2017 they carried out attacks on French organizations then supporting President Emanuel Macron.
The US government says Andrienko, Pliskin, Detistov and Frolov have developed components of NotPety’s malware, Olympic Destroyer and KillDisk, while Kovalev and Ochichenko managed spear phishing campaigns which targeted the IOC, athletes, official partners of the 2018 Winter Olympics in Pyongyang, and government officials from France and Georgia.
Kovalev has already been accused in the United States of hacking organizations related to the conduct of the 2016 presidential elections in the United States.
According to a statement from the Ministry of Justice, the group also caused damage to computer systems in the Netherlands and Great Britain.
Since the beginning of the invasion of Ukraine, Sandworm has been involved in a series of attacks on Ukraine’s critical infrastructure and state institutions.
Two weeks ago, U.S. Attorney General Merrick Garland announced that the U.S. had shut down a global botnet command and control server (C2) with thousands of infected devices believed to be controlled by the Sandworm group.
Source: Informacija.rs by www.informacija.rs.
*The article has been translated based on the content of Informacija.rs by www.informacija.rs. If there is any problem regarding the content, copyright, please leave a report below the article. We will try to process as quickly as possible to protect the rights of the author. Thank you very much!
*We just want readers to access information more quickly and easily with other multilingual content, instead of information only available in a certain language.
*We always respect the copyright of the content of the author and always include the original link of the source article.If the author disagrees, just leave the report below the article, the article will be edited or deleted at the request of the author. Thanks very much! Best regards!