Ethical Hacking News
The United States Department of State has announced a reward of up to $10 million for information leading to the identification and prosecution of three Russian FSB officers accused of hacking into critical infrastructure in the US. These officers are linked to multiple attacks targeting the energy sector and have been linked to exploiting vulnerabilities in Cisco IOS software using a seven-year-old vulnerability known as CVE-2018-0171.
The US Department of State has offered a $10 million reward for information leading to the identification and prosecution of three Russian FSB officers accused of hacking into critical infrastructure. The FSB officers, known by aliases including Dragonfly and Berzerk Bear, have been linked to multiple attacks targeting the energy sector in the US and abroad. These officers are members of the Center 16 unit, a group known for exploiting weak legacy protocols and deploying malware such as Cisco's "SYNful Knock". The attacks, which include supply chain attacks and spear-phishing campaigns, have compromised OT network system manufacturers, software providers, and energy companies. The FBI has linked a new threat to the FSB's Center 16 unit, exploiting an unpatched vulnerability in Cisco Smart Install (SMI) that could be used to cause device reboots or execute arbitrary code.
The United States Department of State has recently announced a reward of up to $10 million for information leading to the identification and prosecution of three officers from Russia's Federal Security Service (FSB) who have been accused of hacking into critical infrastructure in the US. The FSB officers, identified as Pavel Aleksandrovich Akulov, Mikhail Mikhailovich Gavrilov, and Marat Valeryevich Tyukov, are members of the Center 16 unit, also known by various aliases including Dragonfly, Berzerk Bear, Energetic Bear, and Crouching Yeti. These three officers have been linked to multiple attacks targeting the energy sector in the US and abroad.
The US Department of Justice charged these three FSB officers in August 2021 for their involvement in a series of supply chain attacks that compromised OT network system manufacturers and software providers deploying the "Havex" implant. The attackers also launched spear-phishing and "watering hole" attacks to install malware on more than 17,000 unique devices in the US and abroad, including ICS/SCADA controllers used by power and energy companies.
In addition to their supply chain attack tactics, these FSB officers were also involved in targeted attacks on specific energy sector entities and individuals who worked with ICS/SCADA systems. The group targeted more than 3,300 users at over 500 US and international companies and entities, including U.S. Government agencies such as the Nuclear Regulatory Commission.
In August 2025, the FBI issued an alert warning of a new threat posed by Russian FSB cyber actors who are exploiting Simple Network Management Protocol (SNMP) and end-of-life networking devices running an unpatched vulnerability (CVE-2018-0171) in Cisco Smart Install (SMI). This vulnerability could be exploited by an unauthenticated, remote attacker to cause a reload of a vulnerable device or execute arbitrary code on an affected device. The FBI has linked this new threat to the FSB's Center 16 unit.
The FSB's Center 16 unit has been active for over a decade and specializes in compromising network devices for long-term intelligence gathering operations. This group is known to exploit weak legacy protocols (SMI, SNMP v1/v2) and deploy tools such as the Cisco "SYNful Knock" malware.
In recent months, victims targeted by this group have primarily included organizations in telecommunications, higher education, and manufacturing sectors across North America, Asia, Africa, and Europe. The victims were selected based on their strategic interest to the Russian government.
The reward for information leading to the identification and prosecution of these three FSB officers is substantial, with a maximum amount of up to $10 million. This reward was announced by the US Department of State in order to encourage public cooperation in helping to bring these cyber threats to justice.
Related Information:
https://www.ethicalhackingnews.com/articles/10M-Reward-for-Targeting-Russian-FSB-Officers-Accused-of-Hacking-US-Critical-Infrastructure-ehn.shtml
https://securityaffairs.com/181904/cyber-warfare-2/10m-reward-for-russias-fsb-officers-accused-of-hacking-us-critical-infrastructure.html
https://nvd.nist.gov/vuln/detail/CVE-2018-0171
https://www.cvedetails.com/cve/CVE-2018-0171/
Published: Thu Sep 4 15:06:54 2025 by llama3.2 3B Q4_K_M
