A 22-year-old Russian citizen has been indicted in the US for his alleged role in orchestrating devastating cyber attacks against Ukraine and its allies in the days leading up to Russia’s full-scale military invasion of Ukraine in early 2022.
The accused Amin Timovich Stigall is assessed as an employee of the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). He remains at large. If convicted, he faces a maximum sentence of five years in prison.
The US State Department’s Rewards for Justice program is being held simultaneously with the action proposal a reward of up to $10 million for information relating to his location or malicious cyber attacks to which he is linked.
“The defendant conspired with Russian military intelligence on the eve of Russia’s unjustified and unprovoked invasion of Ukraine to carry out cyber attacks against the Ukrainian government and later against its allies, including the United States.” said Attorney General Merrick B. Garland said in a statement.
The attacks involved the use of malware codenamed Wiper WhisperGate (aka PAYWIPE) which was used in invasions focused on government, non-commercial and information technology organizations in Ukraine. Attacks were first reported around mid-January 2022.
“The malware is disguised as ransomware, but if activated, the attacker will disable the infected computer system,” Microsoft said at the time. The tech giant tracks the cluster under a weather-themed moniker Cadet Blizzard. It is also called Ruinous Ursa.
According to court documents, Stigall and others used the services of an unnamed US company to spread WhisperGate and steal sensitive data, including patient medical records.
They also defaced websites and put the stolen information up for sale on cybercrime forums, apparently in an effort to raise concerns among the wider Ukrainian population about the security of government systems and data.
“Between August 5, 2021 and February 3, 2022, the conspirators used the same computer infrastructure they used in the Ukraine-related attacks to probe computers belonging to a federal government agency in the state of Maryland in the same manner as they originally Ukrainian state networks were checked,” the Ministry of Justice (DoJ) said.
A Florida man has been convicted of a forced home invasion to steal crypto
The event comes a day after the Department of Justice announced the conviction of Remy St. Felix, a 24-year-old Florida resident, for home invasion, aggravated kidnapping and assault, as well as cryptocurrency theft. He was detained in July 2023.
“Victims of the St. Felix home invasions were kidnapped from their own homes and told to access and drain money from their cryptocurrency accounts,” the agency said. saidadding that “St. Felix and his associates gained unauthorized access to their targets’ email accounts and conducted physical surveillance prior to the attempted home robberies.”
In one case cited by the Justice Department, St. Felix and an associate assaulted, zip-tied and held a victim and her husband at gunpoint while others transferred more than $150,000 in cryptocurrency from the victim’s Coinbase account using AnyDesk remote desktop. software. A violent incident took place in North Carolina in April 2023.
The stolen digital assets were then laundered through services such as Monero and decentralized financial platforms that did not perform Know Your Customer (KYC) checks to cover their tracks, and the accused used encrypted messaging programs to develop their schemes.
St. Felix, who was convicted of nine counts of conspiracy, kidnapping, Hobbs Act robbery, wire fraud and brandishing a firearm, faces a minimum sentence of seven years in prison and a maximum sentence of life in prison. He should be sentenced on September 11, 2024.
