US Offers $10 Million Bounty for Information on Russian FSB Hackers
The U.S. Department of State has launched a reward program worth up to $10 million to encourage individuals with information about three Russian Federal Security Service (FSB) officers involved in cyberattacks targeting critical infrastructure organizations across the United States.
Who are the target FSB hackers?
The three FSB officers, Marat Valeryevich Tyukov, Mikhail Mikhailovich Gavrilov, and Pavel Aleksandrovich Akulov, are part of the FSB's Center 16 or Military Unit 71330, which is tracked as Berserk Bear, Blue Kraken, Crouching Yeti, Dragonfly, and Koala Team. These individuals have been linked to a series of malicious cyberattacks against U.S. government agencies, energy companies, and other organizations.
A History of Malicious Activity
In March 2022, the three FBS officers were also charged with their involvement in a campaign that took place between 2012 and 2017, targeting U.S. government agencies, including the Nuclear Regulatory Commission, as well as energy companies like Wolf Creek Nuclear Operating Corporation, which operates a nuclear power plant in Burlington, Kansas.
The State Department warned that these hackers also targeted more than 500 foreign energy companies in 135 other countries, making them a significant threat to global energy security.
Recent Exploits
More recently, the FBI warned that these hackers exploited the CVE-2018-0171 vulnerability in end-of-life Cisco networking devices over the past year to breach companies across U.S. critical infrastructure sectors by remotely executing arbitrary code on unpatched devices.
Cisco, which first detected CVE-2018-0171 attacks almost four years ago, in November 2021, updated its advisory and urged network admins and security teams to patch their devices against attacks as soon as possible.
Global Reach
The Russian state-sponsored hacking group has been aggressively exploiting this security vulnerability to breach unpatched devices belonging to telecommunications, higher education, and manufacturing organizations across North America, Europe, Asia, and Africa.
The same Russian threat group is known for attacking U.S. state, local, territorial, and tribal (SLTT) government organizations and aviation entities over the last decade.
Other Rewards Offered
In June, the U.S. State Department also announced a reward of up to $10 million for information on state hackers tied to the RedLine infostealer malware operation and its suspected creator, Russian national Maxim Alexandrovich Rudometov.
This is not the first time that the U.S. government has offered rewards for information about Russian hackers. The FBI has been tracking a number of Russian threat groups in recent years, including APT29 (also known as Fancy Bear) and Cozy Bear (also known as Medusa).
How to Report Information
Individuals with information about the activities of these three FSB hackers are encouraged to contact Rewards for Justice via the Tor-based tips-reporting channel.
"If you have information on their activities, contact Rewards for Justice via the Tor-based tips-reporting channel," said the State Department. "You could be eligible for a reward and relocation."