US accuses Russian of helping Kremlin hack Ukraine’s state computer systems


A 22-year-old Russian national is facing charges in the U.S. for allegedly helping Moscow’s military intelligence to hack into Ukraine’s computer systems prior to Russia’s invasion, and later targeting Kyiv’s allies, including the U.S.

According to the Department of Justice, Russian citizen Amin Stigal used malware known as WhisperGate to help Russia’s military intelligence, the GRU, to attack and destroy dozens of Ukrainian government entities’ computer systems in advance of the Russian invasion in 2022. Stigal remains at large. 

WhisperGate is a wiper masquerading as ransomware, which has some similarities to the NotPetya wiper that attacked Ukrainian businesses in 2017. WhisperGate was used by Russia-linked hackers to hit multiple Ukrainian government computers and websites in January 2022. 

“WhisperGate was actually a cyberweapon designed to completely destroy the target computer and related data,” an indictment said.

During the attack on Ukrainian targets, hackers compromised several of the targeted Ukrainian computer systems, exfiltrated sensitive data, including patient health records, and defaced the websites. They also offered the hacked data for sale on the internet.

“The effort was aimed at sowing concern among the broader Ukrainian population regarding the safety of government systems and data,” the Justice Department said. 

The same hackers were also allegedly responsible for an attack on “the transportation infrastructure of a Central European country that was supporting Ukraine.” They also probed computers belonging to a federal government agency in Maryland, according to the indictment.

If convicted, Stigal could face a maximum penalty of five years in prison.

“The Justice Department will continue to stand with Ukraine on every front in its fight against Russia’s war of aggression, including by holding accountable those who support Russia’s malicious cyber activity,” said U.S. Attorney General Merrick B. Garland.


Daryna Antoniuk is a reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.

 
