SSU dismantles group of cyber criminals that hacked 30 million accounts of Ukraine and EU citizens

The SSU has neutralized a hacker group from Lviv that acted in the interests of the aggressor state.

Criminals hacked active accounts of Internet users from Ukraine and the EU member-states, gaining access to personal data of their victims.

They sold this confidential information through the anonymous Darknet platform and received money through electronic payment systems YooMoney, Qiwi, and WebMoney, banned in Ukraine.

According to preliminary findings, the hackers sold about 30 million accounts and received a ‘profit’ of almost UAH 14 mln (USD 326,000).

Their ‘wholesale clients’ were pro-kremlin propagandists. It was them who used the received identification data of Ukrainian and foreign citizens to spread fake ‘news’ from the front and sow panic. The purpose of such manipulations was large-scale destabilization in multiple countries.

The investigation established that the hacked accounts were used supposedly on behalf of ordinary people to spread disinformation about the socio-political situation in Ukraine and the EU.

The group included several hackers from Lviv. They installed specialized computer equipment at their homes and broke into other people’s accounts using malicious software.

During the searches, the law enforcement found:

  • hard magnetic disks with citizens’ personal data;
  • computer equipment, mobile phones, SIM cards and flash drives with evidence of unlawful activity.

The organizer of the group has been notified of suspicion under Article 361-2.1 of the CCU (unauthorized sale or distribution of information with restricted access, stored in computers, automated systems, computer networks or on data carriers).

The investigation is ongoing.

The SSU Office in Lviv Region exposed the hacker group together with the National Police under the procedural supervision of Halytskyi District Prosecutor’s Office.