The U.S. Department of Justice charged six Russian nationals with hacking attacks against infrastructure in France, South Korea, Ukraine and the United States. All of them, according to the department, were officers in the GRU’s Military Unit 74455.
Six Russian GRU Officers Charged in Connection with Worldwide Deployment of Destructive Malware and Other Disruptive Actions in Cyberspacehttps://t.co/ZbhfWRnU72
— Justice Department (@TheJusticeDept) October 19, 2020
According to the DOJ, the hackers used malware KillDisk, Industroyer, the NotPetya ransomware and Olympic Destroyer. The damage from NotPetya is estimated at $1 billion.
Among the accused are: Yuri Sergeevich Andriyenko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, Anatoly Sergeevich Kovalev, Artem Valeryevich Ochichenko and Petr Nikolayevich Pliskin. They are linked to groups such as Sandworm Team, Telebots, Voodoo Bear and Iron Viking.
Charges include criminal conspiracy, fraud using electronic communications, aggravated theft of personal data, hacking computer systems and registration of domain names with false information.
The indictment states that the hackers paid for servers and domain names in bitcoins to conceal their true identities.
Unsealed Indictment — Russian hackers by ForkLog on Scribd
Their guilt now must be proven in court.
Earlier in 2018, the U.S. Department of Justice released an indictment against 12 Russian GRU officers who used cryptocurrencies to interfere in the 2016 U.S. presidential campaign.
Special Counsel Mueller: GRU officers are accused of interfering in U.S. elections using cryptocurrencies
According to analysts, transactions were conducted through the BTC-e exchange.
In late July the EU imposed sanctions against four alleged GRU officers for the attack on the Organisation for the Prohibition of Chemical Weapons (OPCW) in the Netherlands in 2018. The GRU’s Main Center for Special Technologies was also added to the sanctions list.
In September, the U.S. Treasury’s Office of Foreign Assets Control (OFAC) indicted in absentia a Russian Artem Lifshits in a bid to steal Americans’ personal data and open shell banking and cryptocurrency accounts. The U.S. Treasury imposed sanctions on cryptocurrency addresses tied to this case.
Subscribe to ForkLog’s Telegram news: ForkLog Feed — all the news, ForkLog — the most important news and polls.