U.S. charges seven Russian GRU officers with international hacking, disinformation
A grand jury in the Western District of Pennsylvania has indicted seven defendants, all officers in the Russian Main Intelligence Directorate (GRU), a military intelligence agency of the General Staff of the Armed Forces of the Russian Federation, for computer hacking, wire fraud, aggravated identity theft, and money laundering.
"The defendants, all Russian nationals and residents, are Aleksei Sergeyevich Morenets, 41, Evgenii Mikhaylovich, Serebriakov, 37, Ivan Sergeyevich Yermakov, 32, Artem Andreyevich Malyshev, 30, and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165, and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46, who were also GRU officers," the U.S. Department of Justice has said in a statement on October 4.
The indictment alleges that defendants Yermakov, Malyshev, Badin, and unidentified conspirators, often using fictitious personas and proxy servers, researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers.
According to the indictment, beginning in or around December 2014 and continuing until at least May 2018, the conspiracy conducted persistent and sophisticated computer intrusions affecting U.S. persons, corporate entities, international organizations, and their respective employees located around the world, based on their strategic interest to the Russian government.
Among the goals of the conspiracy was to publicize stolen information as part of an influence and disinformation campaign designed to undermine, retaliate against, and otherwise delegitimize the efforts of international anti-doping organizations and officials who had publicly exposed a Russian state-sponsored athlete doping program and to damage the reputations of athletes around the world by falsely claiming that such athletes were using banned or performance-enhancing drugs.
In particular, the GRU Russian officers are behind cyber attacks on the World Anti-Doping Agency (WADA), FIFA, the International Court of Arbitration for Sport, the United States Anti-Doping Agency (USADA), the leading electrical engineering company Westinghouse Electric Corp. The motive for the cyberattack on WADA, in particular, was an anti-doping investigation against Russia, the U.S. Department of Justice said.
The Dutch government earlier accused Russia's military intelligence agency, the GRU, of targeting the world's chemical weapons watchdog, the Organisation for the Prohibition of Chemical Weapons (OPCW), through a foiled cyber operation.
The head of Dutch counterintelligence, Maj. Gen. Onno Eichelsheim, named the four alleged Russian officers as Aleksei Morenets and Evgenii Serebriakov – who had consecutive passport numbers, he said – Oleg Sotnikov and Alexey Minin.
They are reportedly involved in preparations for a cyberattack on the OPCW and an attempt to interfere with the investigation into the downing of Malaysia Airlines Flight 17 in eastern Ukraine in 2014.
The four were expelled from the Netherlands on April 13, 2018.