A Ukrainian national, Victoria Eduardovna Dubranova, has been indicted and extradited to the United States for her alleged involvement with two Russia-linked cyber hacking groups. The U.S. Environmental Protection Agency (EPA), in collaboration with the U.S. Attorney’s Office for the Central District of California and the Federal Bureau of Investigations (FBI), announced the charges on December 9, 2025.
Dubranova, also known by aliases such as Vika, Tory, and SovaSonya, faces accusations related to her activities with CyberArmyofRussia_Reborn (CARR) and NoName057(16) (NoName). The indictments were unsealed in Los Angeles' U.S. District Court. She pleaded not guilty to both cases and is set to face trial on February 3, 2026, for the NoName matter and April 7, 2026, for the CARR case.
CARR is reportedly linked to Russia's Main Directorate of the General Staff of the Armed Forces (GRU) and has conducted numerous cyberattacks globally. The group has targeted critical infrastructure in the United States, including public water systems. Dubranova's charges include conspiracy to damage protected computers and tampering with public water systems.
EPA Acting Assistant Administrator Craig Pritzlaff said that these actions threatened national water resources: "The defendant’s illegal actions to tamper with the nation’s public water systems put communities and the nation’s drinking water resources at risk." Assistant Attorney General John A. Eisenberg emphasized their commitment to countering Russian cyber threats: "Today’s actions demonstrate the Department’s commitment to disrupting malicious Russian cyber activity."
The FBI's Brett Leatherman reiterated their resolve against such threats: "When pro-Russia hacktivist groups target our infrastructure, the FBI will use all available tools to expose their activity and hold them accountable."
If convicted, Dubranova could face up to 27 years in federal prison. This case is part of Operation Red Circus aimed at countering Russian state-sponsored cyber threats.
The EPA continues its efforts to secure water systems against cyberattacks by working with utilities on cybersecurity assessments and risk mitigation plans. More information about these initiatives can be found on EPA's [Cybersecurity for the Water Sector webpage](https://www.epa.gov/watersecurity/cybersecurity-water-sector).
