US authorities have imposed sanctions on two Russian cybercriminals, targeting their involvement in cyberattacks aimed at critical infrastructure.
According to reports, two designated individuals, Yuliya Vladimirovna Pankratova and Denis Olegovich Degtyarenko, are prominent figures within the Russia-affiliated hacking collective known as Cyber Military of Russia Reborn (CARR).
According to online sources, Pankratova, also known as ‘Yuliya,’ is purportedly the leader of CARR, overseeing its operatives and serving as their public face.
Degtyarenko, alias “Dena,” purportedly serves as a key player in CARR’s hacking operations, bringing malicious activities to fruition and crafting educational materials for aspiring cybercriminals.
The Russian-backed hacking group CARR initiated its malicious activities in 2022 by orchestrating a series of distributed denial-of-service (DDoS) attacks, primarily targeting Ukraine and its international supporters.
By the end of 2023, the risk group significantly expanded its activities, focusing intensely on applying industrial-grade tactics to critical infrastructure sites, including water treatment facilities and energy providers, in both the US and Europe?
In early 2024, the notorious hacker group CARR publicly claimed responsibility for compromising the Supervisory Control and Data Acquisition (SCADA) system of a United States-based energy agency and manipulating a critical water storage facility in Texas, sharing evidence of their infiltration through a video demonstration.
Despite Carr’s lack of direct harm caused by their actions, the significant risk they pose warrants legal intervention.
“CARR’s emphasis on critical infrastructure poses an unacceptable risk to residents and communities, with potentially devastating consequences,” said Brian E., Treasury’s Undersecretary for Terrorism. Nelson.
“The United States will take decisive action against those responsible for malicious cyber attacks, leveraging all available tools at our disposal.”
Due to the imposed sanctions, US-based properties and interests connected to the designated individuals are effectively frozen, with most transactions severely restricted.
Furthermore, U.S. individuals are strictly prohibited from engaging in financial transactions with these two designated hacktivist entities, while any financial institution found to be collaborating with them could be subject to severe penalties and potential fines.
While sanctions alone may not guarantee the extradition of individuals without US agreement, they can effectively isolate and pressure targets, disrupt cybercrime operations, and serve as a deterrent to other would-be collaborators.
The US Treasury notes the instances of Egor Petrachkov, the leader of the LockBit ransomware operation, sanctioned in May 2024, as well as Viktor Politekin, a Russian national and member of the REvil ransomware group, sanctioned in January 2024.
In March 2024, a similar method was employed as a countermeasure against Chinese state-sponsored hackers from the notorious APT31 threat actor group.
