US promises $10 million for Russian hacker who hacked Diya: what is known
1 July 2024 15:08
The federal government is offering a $10 million reward for help in finding Amin Timovic Stigal, who is accused of hacking Diya. This was reported by "Komersant Ukrainian", citing the US Federal Bureau of Investigation and a number of US media outlets.
The Washington Post writes that the planned attack, known as WhisperGate, also targeted one of Ukraine’s allies in Central Europe and included attempts to survey US government facilities in Maryland.
Last week, a federal grand jury indicted Russian Amin Stigal on charges of conspiracy to commit fraud by hacking and destroying computer systems.
The U.S. District Court in Maryland issued an arrest warrant for 22-year-old Stigal, who, according to prosecutors, remains at large.
“The Department of Justice will continue to support Ukraine on all fronts in its fight against Russia’s war of aggression, including holding accountable those who support Russia’s malicious cyber activity,”
– said US Attorney General Merrick Garland in a statement announcing the indictment.
According to the FBI’s website, Amin Timovich Stigal, born in 2002, is a native of the Chechen capital, Grozny, and between August 2021 and February 2022, he participated in “criminal cyber activity” that led to the destruction of Ukrainian critical infrastructure computer systems in the run-up to Russia’s invasion of Ukraine.
In addition, according to the FBI, he allegedly participated in a conspiracy to harm the cyber systems of the United States government and private sector infrastructure.
In the indictment, federal authorities allege that Stigal worked with Russian military intelligence officers from the Main Intelligence Directorate of the Russian General Staff to conduct the agency’s cyberattack operations in foreign countries.
According to court documents, the WhisperGate campaign began about a month before Russia’s invasion of Ukraine in February 2022, when Stigal hacked into the computers of dozens of Ukrainian government agencies, including those dealing with “critical infrastructure”, at the direction of the Russian military.
The WhisperGate attacks were disguised to look like the work of ordinary cybercriminals, not state agents, and were accompanied by messages demanding $10,000 in bitcoin to recover the stolen data. But in fact, according to the prosecution, the files were completely deleted.
WhisperGate also stole and leaked personal data, including the medical records of thousands of Ukrainians, which, according to the US authorities, was intended to “sow concern among Ukrainian citizens” about the security and reliability of their government’s systems.
In a separate incident in January 2022, federal prosecutors alleged that the Ukrainian website of the State Digital Services Portal was hacked to display a message in Polish, Russian and Ukrainian: “Ukrainians! All information about you has become public, be afraid and expect the worst. This is for your past, present and future”.
Hours after the attack, prosecutors claimed that Stigal and the military tried to sell the data, which included criminal records and information about patients’ health.
In October 2022, Stigal and the Russian military also hacked into the transport infrastructure of a Central European country, not named in court documents, which had been supporting Ukraine by providing civilian and military assistance.
The court documents state that on 13 January 2022, the attackers posted the data of allegedly 13.5 million users for illegal sale on the Internet.
The press service of Diia explained to Voice of America that the 13 million data in question is “a compilation of various databases that were merged much earlier from private companies”, and Diia had 1.5 million users at the time.
“In 2022, a database was posted on the darknet under the guise of data from Diia,”
– diia’s press service comments.
“This was immediately detected by the Ukrainian special services, so the materials were purchased and analysed. At the time, Diia had only 1.5 million users. Experts studied the materials in detail and found that 13 million data were a compilation of various databases that had been merged from private companies much earlier,”
– said the press service of Diia.
