State Department announces $10M bounty for Russian intelligence hackers behind NotPetya

The State Department is offering $10 million for the location of six Russian intelligence officers in the Sandworm unit.
Ukrainian servicemen stand next to the monument in Chernobyl on April 26, 2022 to pay tribute to the firefighters who died during the 1986 Chernobyl disaster. The NotPetya attack knocked Chernobyl's radiation system offline. (Photo by SERGEI SUPINSKY/AFP via Getty Images)

The State Department announced Tuesday that it is offering a reward of up to $10 million for information leading to six Russian intelligence hackers responsible for the infamous 2017 NotPetya malware.

That malware knocked out Chernobyl’s radiation monitoring system and did more than $1 billion in damage to a number of U.S. organizations, according to a federal indictment.

The reward is part of the State Department’s Rewards for Justice program and extends beyond just the six Russian intelligence hackers responsible for NotPetya to “any person who, while acting at the direction or under the control of a foreign government, participates in malicious cyber activities against U.S. critical infrastructure.”

But the six officers of the Main Intelligence Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) who were the architects of NotPetya malware are the focus of the State Department announcement. It noted that the malware damaged the computers of hospitals and other medical facilities in western Pennsylvania, a large U.S. pharmaceutical manufacturer and other U.S. private sector entities.


The State Department identified the suspects as GRU officers Yuriy Sergeyevich Andrienko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, Anatoliy Sergeyevich Kovalev, Artem Valeryevich Ochichenko and Petr Nikolayevich Pliskin, calling them “members of a conspiracy that deployed destructive malware and took other disruptive actions for the strategic benefit of Russia through unauthorized access to victim computers.” The men operated inside the Sandworm unit of Russian intelligence, known as an unusually skilled hacking collective.

The Rewards for Justice program has paid in more than $200 million to more than 100 tipsters across the globe since it launched in 1984.

In February, the program announced a $10 million reward for information on two Iranian hackers who allegedly worked on state-sponsored cyber operations meant to interfere with the 2020 U.S. presidential election. The State Department has posted similar bounties for information about ransomware groups REvil and DarkSide.

Anyone with information on the suspects can report it via the State Department’s Tor-based tips-reporting channel at: he5dybnt7sr6cm32xt77pazmtm65flqy6irivtflruqfc5ep7eiodiad.onion. A Tor browser is required.

Suzanne Smalley

Written by Suzanne Smalley

Suzanne joined CyberScoop from Inside Higher Ed, where she covered educational technology and from Yahoo News, where she worked as an investigative reporter. Prior to Yahoo News, Suzanne worked as a consultant to the economist Raj Chetty as he launched his Harvard-based research institute Opportunity Insights. Earlier in her career Suzanne covered the Boston Police Department for the Boston Globe and covered two presidential campaigns for Newsweek. She holds a masters in journalism from Northwestern and a BA from Georgetown. A Miami native, Suzanne lives in upper Northwest Washington with her family.

Latest Podcasts