Justice Department files criminal charges against seven Russian spies over Fancy Bear cyberattacks

U.S. prosecutors have charged seven suspects accused of working for the Russian GRU, the country’s military intelligence unit.

The Justice Department’s National Security Division alleged the seven hackers were part of “a conspiracy to use computer hacking to obtain non-public, health information about athletes and others in the files of anti-doping agencies in multiple countries, and release of stolen information selectively and sometimes misleadingly.”

Prosecutors accused the seven Russian residents — charged with several counts of computer fraud and abuse and money laundering — of hacking into the World Anti-Doping Agency and several media outlets, among others. The U.S. also accuses the hackers of carrying out a massive disinformation campaign in the run-up to the 2016 presidential election — including stealing documents believed to belong to the Democratic National Committee.

The suspects named as GRU officers are Aleksei Sergeyevich Morenets, 41, Evgenii Mikhaylovich Serebriakov, 37, Ivan Sergeyevich Yermakov, 32, Artem Andreyevich Malyshev, 30, and Dmitriy Sergeyevich Badin, 27, who were each assigned to Military Unit 26165, and Oleg Mikhaylovich Sotnikov, 46, and Alexey Valerevich Minin, 46.

The indictment accused the hackers of “often using fictitious personas and proxy servers,” and said they “researched victims, sent spearphishing emails, and compiled, used, and monitored malware command and control servers.”

“As part of its influence and disinformation efforts, the Fancy Bears’ Hack Team engaged in a concerted effort to draw media attention to the leaks through a proactive outreach campaign,” prosecutors said. (Fancy Bear is also widely known as APT28.) “The conspirators exchanged e-mails and private messages with approximately 186 reporters in an apparent attempt to amplify the exposure and effect of their message.”

The government said the hacking efforts were part of a Russian government campaign set on “muddying or altering perceptions of the truth.”

Among the victims was a nuclear energy company. Prosecutors also pinned the BadRabbit ransomware attack on the named hackers.

“The actions of these seven hackers, all working as officials for the Russian government, were criminal, retaliatory, and damaging to innocent victims and the United States’ economy, as well as to world organizations,” said FBI director Christopher Wray. Their actions extended beyond borders, but so did the FBI’s investigation.

Three of the named Russians were also charged earlier this year as part of Special Counsel Robert Mueller’s probe into Russian interference in the 2016 election.

Although it’s not the first time that Russia has been linked or suspected of carrying out cyberattacks and spreading disinformation, the U.S. and U.K. have not until today officially accused the Kremlin of its role in these attacks.

The charges were filed hours after the U.K. and Dutch authorities found evidence that Russia had targeted the Organization for the Prohibition of Chemical Weapons in The Hague in April. The OPCW was investigating the poisoning of ex-Russian spy Sergei Skripal, who is living in the U.K. in exile.

U.K. Foreign Secretary Jeremy Hunt said the government was weighing up further sanctions against Russia, which it blamed for the attack.