The U.S. has imposed sanctions on two members of the Russian government-aligned hacktivist group Cyber Army of Russia Reborn (CARR). Yuliya Pankratova, the group’s leader, and Denis Degtyarenko, its primary hacker, are accused of cyber operations against U.S. critical infrastructure. The U.S. Treasury Department stated that any property belonging to the two suspects in the U.S. could be seized, and citizens are prohibited from doing business with them.
Pankratova, also known online as YUliYA, is accused of overseeing CARR’s operations and acting as the group’s spokesperson. Degtyarenko, using the alias Dena, allegedly compromised a U.S. energy company and developed materials to exploit SCADA systems, which control industrial operations. These materials were potentially intended for distribution to other groups.
Since 2022, CARR has been conducting unsophisticated distributed denial-of-service (DDoS) attacks in Ukraine and against its allies. In late 2023, the group claimed responsibility for cyberattacks targeting critical infrastructure in the U.S. and Europe, including industrial control systems in water, hydroelectric, wastewater, and energy facilities.
Despite these cyber intrusions, major damage has been avoided due to CARR’s lack of technical sophistication. However, Russian hacktivist groups, including CARR, are believed to be affiliated with state-sponsored actors, deflecting responsibility from the Russian government for cyberattacks on Ukraine and its allies.
Reference: