A Ukrainian woman was charged in the US in two separate indictments for her alleged ties with two hacktivist groups known for launching hundreds of cyberattacks in support of the Russian government’s interests.
The individual, Victoria Eduardovna Dubranova, 33, allegedly played a role in cyberattacks and intrusions that pro-Russia hacktivist groups CyberArmyofRussia_Reborn (CARR) and NoName057(16) (NoName) carried out against critical infrastructure organizations worldwide.
Dubranova faces up to 27 years in prison for her involvement in CARR activities, and up to five years in prison for her ties to NoName.
The woman was extradited to the United States earlier this year and she has pleaded not guilty in both cases.
The first indictment alleges that CARR, also known as Z-Pentest, was founded, supported financially, and supervised by Russia’s military intelligence unit GRU.
CARR regularly claimed responsibility for cyberattacks against critical infrastructure entities, including US organizations, and is known for hacking industrial control systems (ICS) and for launching distributed denial-of-service (DDoS) attacks.
According to a joint advisory from government agencies in the US and allied countries, CARR, also known as The People’s Cyber Army of Russia, was created in late February or early March of 2022, and conducted DDoS attacks until at least September 2024.
Presenting itself as a pro-Russia hacktivist group, CARR documented its cyberattacks through images and videos shared online, promoted Russian ideology, and publicized leaked information from Russian state-sponsored intrusions.
The group is blamed for hacking a meat processing facility in Los Angeles in November 2024, for targeting the US election infrastructure, the websites of US nuclear regulatory entities, and a water system in Texas.
On Tuesday, the US announced rewards of up to $2 million for information on individuals associated with CARR, including its self-proclaimed administrator Yuliya Vladimirovna Pankratova (also known as YUliYA), and its primary hacker Denis Olegovich Degtyarenko (also known as Dena).
Additionally, the US says, the threat actor ‘Cyber_1ce_Killer’, a moniker associated with at least one GRU officer, is a member of CARR.
NoName launched over 1,500 DDoS attacks
The second indictment against Dubranova alleges her involvement with NoName, a hacktivist group active since March 2022 and known for launching DDoS attacks against NATO member states and other European countries.
According to the indictment, NoName has launched attacks against government agencies, financial institutions, and critical infrastructure, and has recruited volunteers worldwide to download its proprietary DDoS tool called DDoSia.
“In 2024, NoName057(16) began collaborating closely with other pro-Russia hacktivist groups, operating a joint chat with CARR by mid-2024. In July 2024, NoName057(16) jointly claimed responsibility with CARR for an alleged intrusion against OT assets in the US,” the government agencies’ joint advisory reads.
On Tuesday, the US announced it was offering bounties of up to $10 million for information on members of NoName, which are closely aligned with the Russian information technology organization known as the Center for the Study and Network Monitoring of the Youth Environment (CISM).
NoName, the US says, is believed to have launched over 1,500 DDoS attacks against organizations in Ukraine and its neighboring and supporting countries.
The joint advisory from the US and its allies also shows that Z-Pentest, which is known for attacks on ICS/OT systems, was created in September 2024 by members from CARR and NoName who were dissatisfied with the level of support received from GRU.
A novice pro-Russia hacktivist group named Sector16 that emerged this year through collaboration with Z-Pentest might have received indirect support from the Russian government, the advisory shows.
Related: Reporters Without Borders Targeted by Russian Hackers
Related: RapperBot Botnet Disrupted, American Administrator Indicted
Related: Russian Qakbot Gang Leader Indicted in US
Related: UK Sanctions Russian and Chinese Firms Suspected of Being ‘Malign Actors’ in Information Warfare
