Ethical Hacking News
A Ukrainian woman has been extradited to the US and will stand trial in early 2026 for her role in hacking into US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups. The charges bring Dubranova, 33, face up to 27 years in prison if convicted of the charges brought against her.
Victoria Eduardovna Dubranova, a Ukrainian woman, has been extradited to the US and is set to stand trial in 2026 for hacking into US public drinking water systems and a meat processing facility.Dubranova allegedly worked with two pro-Russia hacktivist groups, CyberArmyofRussia_Reborn (CARR) and NoName057(16), linked to malicious cyber attacks directed by the Russian GRU and presidential administration.The charges against Dubranova stem from two high-profile incidents that caused thousands of pounds of meat to spoil and damaged public drinking water systems, resulting in over $5,000 in damages.Dubranova faces a statutory maximum penalty of 27 years in federal prison if convicted of the charges against her.The US government is part of a broader effort to combat pro-Russian hacktivist groups linked to malicious cyber attacks directed by the Russian GRU and presidential administration.Other individuals associated with CARR and NoName are being targeted by the US Department of Justice, including those allegedly working for Russia's GRU and Main Directorate of the General Staff of the Armed Forces.
The United States government has taken significant steps in its pursuit of justice against a Ukrainian woman accused of hacking into US public drinking water systems and a meat processing facility on behalf of Kremlin-backed cyber groups. According to the Department of Justice, Victoria Eduardovna Dubranova, 33, was extradited to the US earlier this year and is set to stand trial in early 2026.
Dubranova, who has pleaded not guilty to the charges brought against her, is alleged to have been involved in two pro-Russia hacktivist groups, CyberArmyofRussia_Reborn (CARR) and NoName057(16). The FBI's cyber division assistant director, Brett Leatherman, described Dubranova as a "pro-Russian hacktivist and administrator linked to malicious cyber attacks directed by the Russian GRU and the Russian presidential administration."
The charges against Dubranova stem from two high-profile incidents. In the case of the LA meat processor attack in November 2024, the digital intrusion caused thousands of pounds of meat to spoil and triggered an ammonia leak in the facility, resulting in more than $5,000 in damages. The public drinking water system intrusions damaged controls and spilled "hundreds of thousands of gallons of drinking water." CARR's ties to Russia's GRU have been confirmed by Google Threat Intelligence Group, which described the group as carrying out cyberattacks on US and European critical infrastructure but hiding behind a false persona.
The indictment against Dubranova charges her with one count of conspiracy to damage protected computers and tamper with public water systems, one count of damaging protected computers, one count of access device fraud, and one count of aggravated identity theft. If convicted of these charges, Dubranova would face a statutory maximum penalty of 27 years in federal prison.
The US government's pursuit of justice against Dubranova is part of a broader effort to combat pro-Russian hacktivist groups that have been linked to malicious cyber attacks directed by the Russian GRU and the Russian presidential administration. According to the FBI, these groups have recruited volunteers from around the world to download DDoSia, a proprietary tool for network-traffic-flooding attacks, and use their computers to conduct DDoS attacks against victims.
The indictment also charges an individual using the monikers "Cyber_1ce_Killer," and "Commander," who is allegedly associated with at least one Main Directorate of the General Staff of the Armed Forces of the Russian Federation (GRU) officer. According to the court documents, defendants and co-conspirators believed that this individual was a Russian government agent.
As part of its efforts to combat these groups, the US Department of Justice has also announced charges against two other CARR members who were previously sanctioned by the US government. The NoName indictment also charges Dubranova with one count of conspiracy to damage protected computers.
The single most important thing people can do to protect themselves, according to the Cybersecurity and Infrastructure Security Agency (CISA), is to reduce the number of OT devices exposed to the public-facing internet. CISA's Chris Butera emphasized that these attacks tend to be opportunistic, with hacktivist crews scanning VPNs and remote-access tools connected to OT devices.
This broad, indiscriminate approach has been used across multiple sectors, from water treatment facilities to oil well systems, often using easily repeatable and unsophisticated methods. The cumulative impact of this malicious cyber activity poses a persistent and disruptive threat to essential services. According to Butera, even small utilities and providers are at risk.
"The single most important thing people can do to protect themselves is to reduce the number of OT devices exposed to the public-facing internet," he said. "This broad, indiscriminate approach has been used across multiple sectors, from water treatment facilities to oil well systems, often using easily repeatable and unsophisticated methods."
In addition to announcing the charges against Dubranova, the US State Department also offered potential rewards of up to $2 million for information on individuals associated with CARR and up to $10 million for information on individuals associated with NoName. Several US government agencies, including the FBI, National Security Agency, Department of Energy, Environmental Protection Agency, and the US Cybersecurity and Infrastructure Agency (CISA), along with more than 20 international partners, issued guidance for operational technology owners and operators on how to secure their critical networks against attacks by these and other pro-Russian hacktivist groups.
Related Information:
https://www.ethicalhackingnews.com/articles/American-Justice-Seeks-to-Punish-Ukrainian-Hacktivist-for-Compromising-US-Critical-Infrastructure-ehn.shtml
https://go.theregister.com/feed/www.theregister.com/2025/12/10/pro_russia_hacktivist_charged/
https://www.cisa.gov/news-events/cybersecurity-advisories/aa25-343a
https://cyberscoop.com/us-charges-russian-backed-hacker-critical-infrastructure-attacks-carr-noname05716/
https://en.wikipedia.org/wiki/Noname057(16)
https://www.techradar.com/pro/security/russian-speaking-hacking-group-now-shifting-focus-to-government-targets
https://thehackernews.com/2025/05/russia-linked-apt28-exploited-mdaemon.html
Published: Wed Dec 10 12:12:34 2025 by llama3.2 3B Q4_K_M
