Russian Hacker Pleads Guilty in Oil and Gas Facility Attacks

(Bloomberg) -- A Russian hacker who broke into and damaged critical oil and gas infrastructure in the US, Ukraine and other countries pleaded guilty to charges that carry as many as 27 years in prison.

Artem Vladimirovich Revenskii, a Russian national known in cybercriminal circles as “Digit,” was charged by federal prosecutors in California earlier this month with conspiracy to cause damage to protected computers, wire fraud and identity theft. On Thursday, Revenskii entered into a plea agreement in exchange for a reduced sentence recommendation.

Revenskii was part of a Russian government-sponsored hacking group known as Sector16, prosecutors said. Revenskii worked with the group to gain access and damage critical systems for oil and gas infrastructure facilities in the US, Ukraine, Germany, France and Latvia, according to federal court filings. Sector16’s targets were countries “perceived to be enemies of the Russian government,” prosecutors wrote.

Sector16 first came to prominence in 2025 when the group claimed on the dark web that they’d attacked an oil company in Texas.

According to prosecutors, the group took control of oil pumps and storage reservoirs at an unnamed Texas facility in January 2025. Throughout that year, the group also hacked an oil and gas facility in North Dakota and then developed a plan to sell access to the Russian government, according to a criminal information filed in the Central District of California federal court.

Facilities in New York and Pennsylvania were also successfully hacked. 

Revenskii, who primarily resided in Russia, came into US custody on Nov. 2, 2025. Revenskii was arrested in the Dominican Republic and put on a plane to Newark, New Jersey, according to his lawyer John Targowski, who declined further comment. 

Sector16 also plotted to sabotage critical infrastructure in Ukraine, including gas stations in Kiev, and it planned to disable Ukraine’s whole electric grid, authorities said. Revenskii told another conspirator that he expected to receive 5 million rubles, approximately $60,000 US dollars, to turn off all electricity in Ukraine for three days, authorities said. It’s not clear if Revenskii succeeded.

“The project has already started,” Revenskii said in text messages. “The money upfront given.”

In September 2025, the hackers accessed a natural gas facility in Poltava, Ukraine, prosecutors said. In text messages, Revenskii discussed a plan to use the access to cause physical damage by attacking the hardware, deforming the gas pipeline and overloading ventilation equipment and gas extraction equipment.

Sector16 discussed being offered $75,000 if it could cause an explosion at the facility in Poltava, prosecutors said. The group also talked about trying to sell their services to the Russian government.

Revenskii prepared a business proposal about a cyberattack against the Poltava facility in which he promised customers “fires and explosions” that “could lead to loss of life and destruction of equipment,” prosecutors said.

Sector16 maintained a prolific social media presence in 2025 and claimed to have partnered with several pro-Russian hacking groups to breach and sabotage hydroelectric power plants in France and then a paper mill in Germany. It’s not clear if all of the disruptions were successful.

Revenskii helped fund Sector16’s hacking with a hotel booking conspiracy in which the hackers would steal a victim’s identity, book hotel reservations using stolen funds, and then split the proceeds with complicit hotels that signaled they would not flag the transactions for fraud, prosecutors said. 

The scheme, which aimed to bring in over $150,000 in profits in just a few months in 2024, spanned the globe and aimed to give the complicit hotels 50% of the stolen funds. The hacker would receive 25%, while Revenskii and another co-conspirator got 10% apiece. A third co-conspirator got 5%, prosecutors said.

(Updates with more details throughout.)

©2026 Bloomberg L.P.