The United States announced a $10 million reward for the capture of a Russian hacker

US authorities have accused 22-year-old Russian citizen Amin Stigal of carrying out cyber attacks on computer networks of Ukraine and other countries for the purposes of the GRU.

According to the case file, in January 2022, Stigal distributed the WhisperGate pseudo-ransomware in the systems of dozens of Ukrainian state institutions. The attacker demanded a ransom of $10,000 in bitcoins, but the malware actually damaged all disk partitions beyond recovery. The Russian also resold stolen data on the darknet.

Since August 2022, Stigal and his accomplices have expanded the geography of attacks: they hacked into the country's transport infrastructure in Central Europe, attacked government agencies of the United States and other NATO member states.

The US State Department announced a reward of $10 million for information about the hacker's location. He faces up to five years in prison.

• Source: https://www.justice.gov/opa/pr/russ...ussia-military-intelligence-destroy-ukrainian

• Source: https://www.justice.gov/d9/2024-06/amin_stigal_unsealed_indictment_0.pdf

• Source: https://rewardsforjustice.net/rewards/amin-stigal/
 
On June 26, the state of Maryland reported that the day before, the grand jury of the federal court in Greenbelt approved the charge brought in absentia against 22-year-old Russian Amin Timovich Stigal of attempting to hack and destroy the computer systems of a number of government agencies of Ukraine and its allies, including the United States, or rather the United States and its allies, including Ukraine, that's American. At the same time, just in case, the court issued a warrant for his arrest, for which the FBI offers up to $10 million for assistance.

"It is assumed," said our Attorney General, also known as Minister of Justice Merrick Garland, "that on the eve of the illegal and unprovoked invasion of Russia into Ukraine, the accused of colluding with Russian military intelligence" (GRU) tried to commit the above-mentioned atrocities, for which he now faces up to 5 years in prison. "The Justice Department will continue to support Ukraine on every front in its fight against Russian aggression, including holding accountable those who support malicious Russian cyber activity," Garland said.

In the same statement, Deputy Secretary of Homeland Security Matthew Olsen clarified that "the GRU has repeatedly implemented a Russian state policy of indiscriminate destruction and intimidation in cyberspace," and "the Department (of Justice) contributes to the prevention and suppression of such malicious behavior that relies on network services or infrastructure of the United States, or targets victims from outside the United States. We will also identify, prosecute and eventually bring to justice those responsible for Russia's malicious actions, including cybercriminals that Russia cultivates to develop its malicious program." A little heavy, of course, said, but that 62-year-old Olsen and deputy 71-year-old Garland. Similar opinions were expressed by the deputy director of the FBI, Paul Abbate, the head of the bureau's Baltimore office, William DeBagno, and the federal prosecutor of Maryland, Eric Barron. As Abbate, who is also responsible for our state security, noted: "Amin Timovich Stigal used malware to help the Russian military invasion of Ukraine."

From the 8 pages of the indictment, it is clear that in January 2022, 20-year-old Stigal and "employees of the Main Intelligence Directorate of the General Staff (GRU) of the Russian Federation", who are held in case No. 8: 24-cr 00206, as "Conspirators" (the Conspirators), "conspired to use the servers of the American Intelligence Service". companies to spread malware, known in the cybersecurity community as "Whisper-Gate", on dozens of computer systems of Ukrainian government agencies and destroy these systems, as well as related data, before the Russian invasion of Ukraine."

About the program "WhisperGate" it is known that this is malicious software (software) that operates on the model of ransomware viruses (ransomware), but unlike them, it does not block, but deletes data from servers. Experts called "WhisperGate" similar to the NotPetya virus, with which the GRU conducted attacks on the infrastructure of Ukraine, the United States and European countries in 2017.

On January 13, 2022, this conspiracy was activated, and the Ukrainian Ministries of Foreign Affairs, Emergency Situations, Finance, Education and Science, Energy, as well as the Accounts Chamber, the Forestry Department, the Automobile Insurance Bureau, the public services portal and other state institutions were under cyber attacks. Part of the data stolen during the attack, in particular medical data, was put up for sale by Stigal and his accomplices (not the GRU) on hacker forums in January 2022. According to the prosecution, the "Conspirators" damaged several targeted computer systems in Ukraine, destroying and stealing important data contained there, instead of which the inscription appeared on the monitors: "Ukrainians! All information about you has become public, so be afraid and expect the worst. This is for your past, present and future." On the same day, the "Conspirators" put the hacked data up for sale on the Internet.

According to the prosecution, the purpose of the attack was "to sow concern among the population of Ukraine about the security of state systems and data." Already after the Russian invasion, in August 2022, the "Conspirators", that is, Amin Stigal and the GRU, hacked the transport infrastructure of an unspecified "Central European country that supported Ukraine" with a similar cyberattack. The prosecution also alleges that from August 5, 2021, to February 3, 2022, "Conspirators" invaded the computers of an unspecified federal agency in Maryland. The indictment also alleges that from August 5, 2021, to February 3, 2022, the conspirators used the same computer infrastructure they used in the Ukraine-related attacks to inspect computers belonging to a federal government agency in Maryland, in the same way that they initially investigated Ukrainian government networks.

As already mentioned, Amin Timovich Stigal faces up to 5 years in prison for this, if, of course, he is detained, brought from the United States, convicted and sentenced. It is known about him that Amin was born in Grozny, Chechnya, in 2002, then lived and studied at a school in Saratov, Russia, and at the age of 20 changed his passport in Dagestan, where his father lives. Being a "millennial", that is, a product of the new millennium, he became interested in the Internet from a young age, spent his leisure time on the sites of hackers and carders, and on the Telegram communication site used the "nickname", that is, the nickname-password "Zabuza Momochi", a character from the Japanese multi-series "Naruto", an aggressive and ambitious boy who is only interested in money. Other "nicknames" of the young Stigal were Free Civil and Vaticano, and it was under this "nickname" that he put up the stolen Ukrainian data for sale in January 2022.

The apple of cybercrime in the person of Amin Timovich Stigal fell not far from the apple tree, his 46-year-old father Timur (Tim) Vakhaevich. In January of this year, the New Jersey Federal Prosecutor's Office also charged Stigal Sr. and Russian Alexey Timofeevich Stroganov, aka "Oleg Gursky and Flint," in absentia with cyber fraud. The 12 counts allege that between April 2014 and March 2016, Tim Stigal passed on stolen payment card information belonging to customers of at least three different US companies. According to the New Jersey prosecutor's office, Stroganov, Stigal and their associates collected data from hundreds of millions of credit cards and bank accounts, which they then sold, causing $35 million in damages to various financial institutions. Timur Stigal was born in the Chechen village of Kurchaloy, lives in Dagestan and Moscow, and is still interested in cyber fraud. In some leaked media databases of the Russian Ministry of Internal Affairs, his name is marked that he is suspected of terrorism and extremism. In Russia, he is not accused of anything, and in the United States, like his son, he faces up to 5 years in prison, and although the FBI also put him on the wanted list, they do not offer such money as for Amin for help in arresting him.

With Alexey Stroganov, everything is more complicated. Now he and 25 accomplices are being tried for carding in Moscow, where he faces from 12 to 20 years in prison, and the New Jersey prosecutor's office accused him in absentia of fraud using electronic means and conspiracy, for which you can also get up to 20 years. Stroganov was already tried for carding in 2006 and sentenced to 6 years in a penal colony. According to the FSB, Stroganov's group produced 5,000 fake Visa, MasterCard, and American Express credit cards that were sold in Russia, Belarus, Ukraine, Poland, the Czech Republic, France, Germany, and the United States. After being released, he became an expert in the field of cybersecurity, providing paid services to protect against hacker attacks on banks and payment systems. In 2018, Stroganov was awarded the certificate of the FSB Director Bortnikov and received the gratitude of President Putin for ensuring cybersecurity during the World Cup.

At the same time, he created the non-profit organization Kibalchish, ostensibly to fight cybercrime. In fact, according to the prosecution, it was an organized criminal group or, as they now say, a community (OPS), in which Stroganov recruited more than 20 hackers from 2014 to 2020 and created a whole structure of portals on the darknet that sold stolen bank card data. In court, the prosecutor said that during a search at the address of one of the Kibalchish units, $432,000 was seized.
 
Accusations from the United States and Estonia

The United States has accused six Russians of cyberattacks against Ukraine in January 2022, as well as a number of other hacks. Among them is Amin Stigal, who was charged with the same acts in June. Five more are named as military intelligence officers.

The defendants are charged, among other things, with using the infrastructure of an American company (apparently, Discord) to distribute the WhisperGate malware, a wiper disguised as a ransomware, with the help of which the resources of some Ukrainian government agencies were disabled, as well as probing computers in Maryland (a court in this state is considering the case), etc.

The defendants charged in the indictment are: Yuriy Denisov [Yuri Denisov], a colonel in the Russian military and a commanding officer of Cyber Operations for Unit 29155; four lieutenants in the Russian military assigned to Unit 29155 who worked on cyber operations: Vladislav Borovkov [Vladislav Borovkov], Denis Denisenko [Denis Denisenko], Dmitriy Goloshubov [Dima Goloshubov] and Nikolay Korchagin [Nikolay Korchagin]; and a civilian co-conspirator, Amin Stigal.

• Source: https://www.justice.gov/opa/media/1366441/dl
• Source: https://www.justice.gov/opa/pr/five...-charged-conspiring-hack-ukrainian-government

CISA and a dozen international partners have also published a technical report on the group's alleged activities since 2020.

• Source: https://www.reuters.com/technology/...l-saturday-caused-by-cyber-attack-2022-11-03/

A press release from the US Department of Justice notes that the charges are part of Operation Toy Soldier, which the United States conducted together with nine other countries. Thus, in addition to the United States, Estonia also made accusations against Russia. The Estonian Foreign Ministry officially attributed cyberattacks against the country in 2020 to Russian military intelligence, and the Foreign Ministry separately stressed that this is the first case of official attribution from the Estonian side.

• Source: https://vm.ee/uudised/eesti-omistas...kuberrunnakud-kuriteo-toimepanijatele-kelleks
 


The Department of Justice has unveiled charges against GRU officers and a civilian from Russia in connection with a cyberattack on Ukrainian infrastructure in January 2022

The United States has indicted five Russian intelligence officers and one civilian from Russia in connection with a large-scale cyberattack in the run-up to Russia's full-scale invasion of Ukraine.

On Thursday, the US Department of Justice unveiled a new indictment accusing Russians of conducting a WhisperGate cyberattack in January 2022 aimed at weakening Ukraine's civilian infrastructure on the eve of the Russian invasion.

"The WhisperGate campaign included attacks on civilian infrastructure and computer systems completely unrelated to the military or national defense," said Assistant Attorney General Matthew Olsen.

According to him, as a result of the attack, in particular, government departments responsible for Ukrainian emergency services, the judicial system, food security and education were affected. The attack was designed to undermine the morale of Ukrainians, he added.

The attack "can be considered the first shot of the war," said FBI Special Agent Bill Delbango, who spoke with Olsen at a press conference in Baltimore.

According to Delbango, the WhisperGate campaign was also directed against the U.S. and dozens of NATO allies, with hackers managing to infiltrate a U.S. government agency in Maryland and gain access to U.S. bank accounts.

The indictment unsealed on Thursday is a new version of charges first brought in June against 22-year-old Russian Amin Stigal, a civilian accused of using malware to assist Russian intelligence before the invasion of Ukraine.

It is alleged that Stigal and agents from military unit 21955 of the Main Directorate of the General Staff of the Russian Armed Forces (also known as the GRU) used the cyber infrastructure of American companies for an operation that looked like a ransom attack, but was actually designed to delete critical data.

The updated indictment names Stigal's alleged accomplices from the GRU: Vladislav Borovkov, Denis Denisenko, Yuri Denisov, Dmitry Goloshubov and Nikolai Korchagin.

The United States announced a reward of up to $10 million for each of the named Russians.

"We are sending a clear signal to the GRU, to the Russian side: we are coming for you," Olsen said.

The Russian Embassy in Washington did not respond to VOA's request for comment.

A senior Ukrainian official praised the U.S. indictment and the multinational work that made it possible.

"This is a very vivid example of how cooperation, joint international work can really help in the fight against such a strong and, unfortunately, quite large enemy as Russia", said Ivan Kalabashkin, deputy head of the SBU cybersecurity department.

In his speech at a cybersecurity conference in Washington on Thursday, Kalabashkin said that Ukraine is subject to constant Russian cyberattacks, from 10 to about 15 major attacks a day, and warned that this threat is unlikely to decrease.

"The Russians are working hard to build up their offensive cyber capabilities", he said. "They teach students in universities, civilian universities, how to attack systems, how to attack infrastructure".
