Russian State-Sponsored Hackers, Computer Fraud and Abuse, California, 2024

WASHINGTON – The Justice Department announced today the unsealing of a warrant authorizing the seizure of 41 internet domains used by Russian intelligence agents and their proxies to commit computer fraud and abuse in the United States.

According to the partially unsealed affidavit filed in support of the government’s seizure warrant, the seized domains were used by hackers belonging to, or criminal proxies working for, the “Callisto Group,” an operational unit within Center 18 of the Russian Federal Security Service (the FSB), to commit violations of unauthorized access to a computer to obtain information from a department or agency of the United States, unauthorized access to a computer to obtain information from a protected computer, and causing damage to a protected computer.

Callisto Group hackers used the seized domains in an ongoing and sophisticated spear-phishing campaign with the goal of gaining unauthorized access to, and steal valuable information from, the computers and email accounts of U.S. government and other victims.

“Today’s seizure of 41 internet domains reflects the Justice Department’s cyber strategy in action – using all tools to disrupt and deter malicious, state-sponsored cyber actors,” said Deputy Attorney General Lisa Monaco. “The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials.

“This seizure is part of a coordinated response with our private sector partners to dismantle the infrastructure that cyber espionage actors use to attack U.S. and international targets,” said U.S. Attorney Ismail J. Ramsey for the Northern District of California. “We thank all of our private-sector partners for their diligence in analyzing, publicizing, and combating the threat posed by these illicit state-coordinated actions in the Northern District of California, across the United States, and around the world.”

This disruption exemplifies our ongoing efforts to expel Russian intelligence agents from the online infrastructure they have used to target individuals, businesses, and governments around the world,” said Assistant Attorney General Matthew G. Olsen of the Justice Department’s National Security Division. “Working closely with private-sector partners such as Microsoft, the National Security Division uses the full reach of our authorities to confront the cyber-enabled threats of tomorrow from Russia and other adversaries.

Working in close collaboration with public and private sector partners—in this case through the execution of domain seizures — we remain in prime position to counter and defeat a broad range of cyber threats posed by adversaries,” said FBI Deputy Director Paul Abbate. “Our efforts to prevent the theft of information by state-sponsored criminal actors are relentless, and we will continue our work in this arena with partners who share our common goals.

This case underscores the importance of the FBI’s enduring partnerships with private sector companies, which allow for rapid information sharing and coordinated action. With these seizures, we’ve disrupted a sophisticated cyber threat aimed at compromising sensitive government intelligence and stealing valuable information,” said FBI Special Agent in Charge Robert Tripp. “Today’s success highlights the power of collaboration in safeguarding the United States against state-sponsored cybercrime.”

MORE FEDERAL CRIME NEWS

Cybercrime

Scott Robert Tardy, Cyberstalking, South Carolina 2024

Jul 2, 2025

Cybercrime

Colby Anderson, Computer Fraud and Abuse, Massachusetts 2018

Feb 5, 2019

Cybercrime

ISIL-Linked Hacker Charged with Identity Theft and Terrorism

Jan 27, 2016

Cybercrime

Emily Johnson, Identity Theft, California 2022

May 12, 2016