2 min read

Ukrainian Security Service Dismantles Cybercriminal Group Operating under Kremlin Orders

Filip TRUȚĂ

September 26, 2022

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Ukrainian Security Service Dismantles Cybercriminal Group Operating under Kremlin Orders

Mere weeks after Ukrainian authorities shut down two bot farms used to spread disinformation, the Security Service of Ukraine (SSU) said it has neutralized yet another operation that allegedly acted in the Kremlin’s interests.

Cybercriminals based in Ukraine allegedly hacked ordinary folks’ social accounts in the EU and Ukraine only to hand them over to ‘wholesale’ pro-Kremlin propagandists.

According to the SSU, the buyers “used the received identification data of Ukrainian and foreign citizens to spread fake ‘news’ from the front and sow panic.

"The purpose of such manipulations was large-scale destabilization in multiple countries,” according to the press release.

The suspects are yet to be identified by name but the SSU says the hackers sold the access credentials to the accounts on the dark web, netting roughly UAH 14 million (USD 326,000) through electronic payment systems like YooMoney, Qiwi and WebMoney – all banned in Ukraine.

The hackers are said to have hijacked about 30 million accounts.

“The investigation established that the hacked accounts were used supposedly on behalf of ordinary people to spread disinformation about the socio-political situation in Ukraine and the EU,” the SSU says.

The hackers, based in the large Western city of Lviv, allegedly “installed specialized computer equipment at their homes and broke into other people’s accounts using malicious software.”

Law enforcement found ”hard magnetic disks” with citizens’ personal data, as well as computer equipment, mobile phones, SIM cards and flash drives containing “evidence of unlawful activity.”

As investigations continue, Ukrainian police notified the alleged organizer of the operation that he’s likely to be charged under Article 361-2.1 of the CCU, meaning unauthorized sale or distribution of information with restricted access, stored in computers, automated systems, computer networks or on data carriers.

The SSU stopped short of disclosing names or the number of actual crew members busted in the operation, saying only that “the investigation is ongoing.”

Earlier this month, the SSU’s cyber department dismantled two bot farms, in Kyiv and Odesa. The “bot army” of almost 7,000 accounts was allegedly used to spread destructive content aiming to destabilize Ukraine, and to discredit Ukrainian defense forces and ultimately justify Russia’s war campaign.

tags


Author



Right now

Top posts

How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read
August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August Spam Debrief: Bitdefender Labs Warns of Fraud Campaigns Exploiting the Russia-Ukraine War

August 31, 2022

4 min read
Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

Snake Keylogger Returns in Malspam Campaign Disguised as Business Portfolio from IT Vendor

August 30, 2022

2 min read
What is medical identity theft and how to protect against it

What is medical identity theft and how to protect against it

July 27, 2022

2 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison SIM Swapper Involved in $22 Million Crypto Heist Sentenced to 18 Months in Prison
Vlad CONSTANTINESCU

December 05, 2022

1 min read
Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data Hive Social Taken Offline as ‘Critical Vulnerabilities’ Could Expose Private Messages, Other Data
Filip TRUȚĂ

December 05, 2022

1 min read
Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info Malicious Actors Exploit TikTok ‘Invisible Challenge’ to Steal Users’ Info
Alina BÎZGĂ

December 02, 2022

2 min read