The U.S. District Court in Greenbelt, Md. (Katie Mettler/The Washington Post)

Federal authorities are offering a reward of up to $10 million for information on the whereabouts of a Russian national who they say is connected to a sprawling cybersecurity attack on Ukrainian government computer systems ahead of Russia’s invasion of the country.

The planned attack, known as “WhisperGate,” also targeted one of Ukraine’s central European ally nations and included attempted probes of U.S. government facilities in Maryland, according to an indictment unsealed Wednesday morning.

A federal grand jury indicted Russian national Amin Stigal this week, charging him with conspiring to commit fraud by hacking and destroying the computer systems.

The U.S. District Court in Maryland issued an arrest warrant for Stigal, 22, who prosecutors said remains at large.

“The Justice Department will continue to stand with Ukraine on every front in its fight against Russia’s war of aggression, including by holding accountable those who support Russia’s malicious cyber activity,” U.S. Attorney General Merrick Garland said in a statement announcing the indictment.

The Russian Embassy in Washington did not immediately respond to a request for comment.

In the indictment, federal authorities allege that Stigal worked with Russian military intelligence officers from the Main Intelligence Directorate of the General Staff to carry out the agency’s cyberattack operations in foreign countries. Stigal and the military officers concealed their connection to the Russian government by using fake identities, a network of computers across the world and cryptocurrency.

The WhisperGate campaign began about a month before Russia’s February 2022 invasion of Ukraine, according to court documents, when Stigal, at the behest of the Russian military, hacked the computers of dozens of Ukrainian government entities, including those that deal with “critical infrastructure,” agriculture, education, science and emergency services.

The attack campaign used software designed to look like a ransomware attack — which is when access to files is blocked until a ransom fee is paid — but in fact, the files were deleted altogether, according to the indictment. WhisperGate also stole and leaked personal data, including the medical records of thousands of Ukrainians, which federal authorities said was meant to “sow concern among Ukrainian citizens” regarding the safety and security of their government’s systems.

In October 2022, Stigal and the Russian military also hacked the transportation infrastructure of a Central European country that had supported Ukraine through civilian and military aid after the invasion, according to the indictment. The country’s name was not provided in court documents.

Federal prosecutors also alleged that, from December 2020 through the present day, the Russian military has been scanning protected government computers across the globe — including in Maryland — as a “preliminary step toward gaining unauthorized access.”

In the indictment, authorities said that the WhisperGate malware would first delete the files on the targeted computer, then produce a ransom note that demanded a payment of $10,000 in bitcoin to retrieve the data that had already been wiped.

In one hacking incident in January 2022, federal prosecutors alleged that Ukraine’s website for the State Portal for Digital Services was hacked to display a message in Polish, Russian and Ukrainian that read: “Ukrainians! All information about you has become public, be afraid and expect the worst. This is for your past, present and future.”

The reward for information on Stigal’s location, set at up to $10 million, is being managed through the State Department’s Rewards for Justice fund.

“Malicious cyber actors who attack our allies should know that we will pursue them to the full extent of the law,” said Erek Barron, the U.S. attorney in Maryland. “Cyber intrusion schemes such as the one alleged threaten our national security, and we will use all the technologies and investigative measures at our disposal to disrupt and track down these cybercriminals.”
