SBU cyber experts exposed an interregional group of hackers. The offenders distributed malware. A resident of Ivano-Frankivsk region programmed viruses at the request of a Russian client.

The SBU established that viruses were sent over social media, including Instagram and other smartphone apps. The malware was used by offenders to gain access to personal information from computers and mobile devices, in particular logins and passwords.

According to the pre-trial investigation, the suspects posted links to shady app downloads disguised as comments on videos or social media posts.

One of the hackers worked for a Russian customer who provided access to a secure server in Russia. The server was used to create viruses, share technical tasks and make orders. Allegedly, the malware stole logins and passwords with access to financial information. Russians paid for orders with bitcoins.

Moreover, the SBU found that earlier the offenders created and administered a special forum, a Telegram channel and a bot. The resources were used by hackers to buy and sell personal data, in particular accounts, logs, copies of Ukrainian passports, passwords for Olx accounts, QIWI and Yandex wallets, YouTube video hosting.

During the searches of offenders’ residences, the law enforcement officers seized computers and mobile terminals used for illegal activities.

Following necessary examinations and other investigative actions, the offenders are to be served with suspicion papers.

The pre-trial investigation is ongoing.

The operation was conducted by the Investigation and Cyber Divisions of the SBU Office in Ivano-Frankivsk region in coordination with the SBU Cybersecurity Department under the supervision of the Regional Prosecutor’s Office.