Evgenii Serebriakov, arrested in 2018 in the Netherlands for espionage, has been promoted to commander of the Kremlin hacker collective, Sandworm. A lot of information is already circulating about him.
Kremlin hackers aren’t always holed up in a basement in Moscow. Evgenii Serebriakov, the new leader of Sandworm, a collective of state pirates, was also on a mission in the rest of the world, reveals the American magazine Wired on March 15, 2023.
The fact that we know the name of a spy means that he failed at one point. This Russian agent was involved in a failed mission in the Netherlands, along with six other members of the GRU, the Russian military intelligence service. He and his team were indicted in the midst of a very short-range cyber espionage operation in 2018, not far from the Organization for the Prohibition of Chemical Weapons in The Hague. At the time, this institution was working on the chemical weapons used by the Syrian regime – supported by Russia – and on the poisoning of the former Russian agent Skripal in London.
The Russian agents’ expedition is a total failure, as Dutch law enforcement seized their backpack, full of technical equipment and hacking devices. Serebriakov had left many clues in his computer, including traces of travels and photos with Russian sportswomen. These pictures were taken in 2016 during the Rio Olympics, meaning that the Kremlin had also launched operations during this event. The whole team is arrested by the Netherlands and then released, without explanation, a few days later.
At the time, Serebriakov worked for the hacker collective APT28, also known as Fancy Bear. This group has attacked several entities in France, and is notably involved in the hacking of the TV5 Monde TV channel or the targeting of Emmanuel Macron’s campaign teams in 2017.
Promotion during the invasion
Evgenii Serebriakov was able to bounce back despite this failure. According to security services, interviewed by Wired, he has now been promoted to head of Sandworm, another aggressive Russian intelligence collective. This organization is tasked with attacking designated enemies of Moscow. Among its most famous stunts is the NotPetya malware which paralyzed Ukrainian institutions, but also companies around the world, with nearly 9 billion euros in damage in total.
Despite his failure in the Netherlands, he is ” apparently too good to throw away says Christo Grozev, investigative journalist at Belingcat. His appointment dates from the spring of 2022, when Russia was still in its multi-pronged invasion phase of Ukraine. Sandworm is obviously involved in the attacks against the Ukrainian computer system, including a – failed – attempt against the power grid.
For former national security professionals interviewed by Wired, Serebriakov’s promotion means two things. First, the failed mission in The Hague would not be interpreted as a total failure, but would contribute to the fear of Russian agents in the west for the Kremlin. Second, choosing an already known name would prove that many of Moscow’s “talents” are already known to Western intelligence. At the same time, new agents of Russia are being discovered in Europe every month. In autumn, the head of security in Germany is fired on suspicion of collusion with the Kremlin. Who will be the next one ?
If you liked this article, you will like the following ones: do not miss them by subscribing to Numerama on Google News.