Charges Against Ukrainian National for Cyberattacks on U.S. Critical Infrastructure by Russian State-Backed Hacktivist Groups

**U.S. Charges Ukrainian National in Russian-Backed Cyberattacks on Critical Infrastructure** A 33-year-old Ukrainian national, Victoria Eduardovna Dubranova (also known as *Vika*, *Tory*, and *SovaSonya*), has been charged by U.S. prosecutors for her alleged role in cyberattacks targeting global critical infrastructure, including U.S. water systems, election infrastructure, and nuclear facilities. Dubranova, extradited to the U.S. earlier this year, faces charges tied to her involvement with two Russian state-backed hacktivist groups: **NoName057(16)** and **CyberArmyofRussia_Reborn (CARR)**. Dubranova pleaded not guilty and is scheduled for trial in **February 2026** (NoName case) and **April 2026** (CARR case). If convicted, she could face up to **27 years** for CARR-related offenses and **5 years** for NoName charges. ### **NoName057(16): State-Sanctioned DDoS Attacks** NoName057(16), partially administered by Russian threat actors and the **Center for the Study and Network Monitoring of the Youth Environment (CISM)**—a Kremlin-linked IT organization—developed **DDoSia**, a custom DDoS tool. The group recruited volunteers to launch attacks against government agencies, financial institutions, and critical infrastructure, including railways and ports. ### **CARR: GRU-Backed Sabotage of U.S. Infrastructure** The **Main Directorate of the Russian General Staff (GRU)** founded, funded, and directed **CARR**, a pro-Russia hacktivist collective with over **75,000 Telegram followers** and **100+ members**, including teenagers. The group claimed responsibility for **hundreds of cyberattacks**, including: - **Public water systems** in multiple U.S. states, causing industrial control failures and spilling **hundreds of thousands of gallons of drinking water**. - A **Los Angeles meat processing facility** in **November 2024**, triggering an **ammonia leak** and spoiling thousands of pounds of meat. - **Nuclear regulatory entities** and **U.S. election infrastructure**. A GRU officer, operating under the alias *Cyber_1ce_Killer*, directed CARR’s leadership and financed its DDoS-for-hire operations. ### **U.S. Response & Global Warnings** The U.S. State Department has offered **rewards of up to $2 million** for information on CARR associates and **$10 million** for details on NoName-linked individuals. Additionally, **CISA, the FBI, NSA, and international partners** issued a joint advisory warning that pro-Russia hacktivist groups—including **CARR, NoName, Z-Pentest, and Sector16**—continue to target critical infrastructure, with potential for **physical damage**. In **July 2024**, the U.S. Treasury’s **OFAC** sanctioned two CARR members: **Denis Olegovich Degtyarenko** (a primary hacker) and **Yuliya Vladimirovna Pankratova** (the group’s leader). The EPA’s **Craig Pritzlaff** emphasized that such attacks on water systems **"endanger the American public"** and will be met with legal consequences.