The US offers a $10 million reward for the intel on Russian hackers

The US offers money to anyone who can identify or locate six Russian GRU hackers from the Sandworm hacking group

The US releases an announcement that information on Sandworm hackers could be rewarded with $10 million

The government promises a reward of $10 million for any information on these hackers, who are associated with the Russian military intelligence service. The announcement[1] states that these hackers participated in malicious cyberattacks on behalf of the Russian government against critical infrastructure in the US. This is a violation of the Computer Fraud and Abuse Act, so the State Department's Rewards for Justice Program issued this reward for the information.[2]

All six of them are members of the threat group named Sandworm, also known as Voodoo Bear or Iron Viking. The hacker team is known to have been operating since 2008, with a particular focus on targeting entities in Ukraine. The goal of these Russian hackers is to establish a long-term presence and, later on, gather valuable and highly sensitive data.

These hackers worked in the cyber-focused unit of the Russian Intelligence Directorate (GRU) and were involved in these operations and global malware attacks. One of these attacks, in 2017, infected the computers of private U.S. entities, including a hospital system. The NotPetya cyberattack disrupted infrastructure and damaged computers in Ukraine and other countries like Germany, France, and Italy.[3] These operations caused billions of dollars in damage.

The six hackers involved in major cyber attacks

Artem Valeryevich Ochichenko has been linked to various attacks, such as spear-phishing campaigns and technical reconnaissance. These attacks helped to gain access to the IT networks of targeted infrastructure across the globe.

Petr Nikolayevich Pliskin, Sergey Vladimirovich Detistov, Pavel Valereyevich Frolov, and Yuriy Sergeyevich Andrienko are the ones who developed parts used in the NotPetya and Olympic Destroyer malware.[4] These viruses were used by the Russian government in the June 27th, 2017, attacks.

Anatoliy Sergeyevich Kovalev was the one who developed various messages and phishing attacks that the Russian government used to breach the computer systems of critical facilities and infrastructure. These hackers were indicted in 2020 for the operations conducted under the Sandworm hacker group name.[5] They were charged with conspiracy to conduct computer fraud and abuse, conspiracy to commit wire fraud and damage protected computers, and identity theft.

Operations of the Sandworm hacker group

The group is known for particularly targeted attacks against Ukraine. They have released malware against the electric power grid, the Ministry of Finance, and the State Treasury Service. The hackers used the BlackEnergy, Industroyer, and KillDisk malware. In April and May 2017, these criminals launched spear-phishing campaigns related to hack-and-leak efforts that targeted French President Macron and his political party, other politicians, and governments right before the French elections of 2017.

In the same year, 2017, the destructive malware attacks infected computers worldwide, and hospitals and medical facilities in the US suffered huge losses amounting to billions. The NotPetya attacks were followed by a spear-phishing campaign that started in December of the same year, in which malicious mobile applications targeted South Korean citizens and officials.

The last known attacks, in 2022, were operations against a large Ukrainian energy provider using a new version of the previously known Industroyer malware, a piece of malware developed for industrial control systems, and a new version of the CaddyWiper malware, which deletes files.

About the author
Gabriel E. Hall

Gabriel E. Hall is a passionate malware researcher who has been working for 2-spyware for almost a decade.
