    Russian National Indicted for Cyber Attacks on Ukraine Preceding 2022 Invasion

    A 22-year-old Russian national has been indicted in the United States for allegedly orchestrating destructive cyber assaults against Ukraine and its allies in the days leading up to Russia’s comprehensive military invasion of Ukraine in early 2022.

    Amin Timovich Stigal, the accused, is believed to be affiliated with the Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU). He remains at large, facing a potential maximum sentence of five years in prison if convicted.

    In tandem with the indictment, the U.S. Department of State’s Rewards for Justice program is offering a reward of up to $10 million for information regarding his whereabouts or the malevolent cyber attacks he is linked to.

    “The defendant conspired with Russian military intelligence on the eve of Russia’s unjust and unprovoked invasion of Ukraine to launch cyberattacks targeting the Ukrainian government and later its allies, including the United States,” said Attorney General Merrick B. Garland in a statement.

    The attacks involved deploying a wiper malware named WhisperGate (also known as PAYWIPE) in breaches targeting government, non-profit, and IT entities in Ukraine. These incursions were first documented around mid-January 2022.

    “The malware masquerades as ransomware but, if activated by the attacker, would render the infected computer system inoperable,” Microsoft stated at the time. The tech giant is monitoring the threat under its weather-themed alias Cadet Blizzard.

    Court documents reveal that Stigal and his associates allegedly utilized services from an unnamed U.S.-based company to disseminate WhisperGate and exfiltrate sensitive data, including patient health records.

    Furthermore, they defaced websites and listed the stolen information on cybercrime forums, seemingly to instill fear among the Ukrainian populace about the security of government systems and data.

    “From August 5, 2021, through February 3, 2022, the conspirators employed the same computer infrastructure used in the Ukraine-related attacks to probe computers belonging to a federal government agency in Maryland in a manner similar to their initial probes of the Ukrainian Government networks,” the Justice Department (DoJ) noted.

    Florida Man Convicted for Violent Home Invasion Robberies to Steal Cryptocurrency

    This development coincides with the DoJ’s announcement of the conviction of Remy St Felix, a 24-year-old Florida man, for forcibly entering homes, violently kidnapping and assaulting residents, and stealing cryptocurrency. He was apprehended in July 2023.

    “Victims from St Felix’s home invasions were kidnapped in their own homes and compelled to access and drain their cryptocurrency accounts,” the agency reported, adding, “St Felix and his co-conspirators gained unauthorized access to their targets’ email accounts and conducted physical surveillance prior to the home invasion robberies.”

    In one notable instance, St Felix and an accomplice assaulted, zip-tied, and held a victim and their spouse at gunpoint while others transferred over $150,000 in cryptocurrency from the victim’s Coinbase account using AnyDesk remote desktop software. This brutal event occurred in North Carolina in April 2023.

    The stolen digital assets were then laundered through services such as Monero and decentralized finance platforms lacking know-your-customer (KYC) checks to obscure the money trail. The defendants used encrypted messaging applications to plan their activities.

    St Felix, convicted of nine counts including conspiracy, kidnapping, Hobbs Act robbery, wire fraud, and brandishing a firearm, faces a minimum sentence of seven years and a maximum penalty of life in prison. Sentencing is scheduled for September 11, 2024.
