June 14, 2024 at 09:28AM
The Security Service of Ukraine dismantled infrastructure enabling pro-Russia residents to deploy spyware on soldiers’ devices and operate bot farms. A woman in Zhytomyr supported mobile numbers used for attacks, while a man in Dnipro ran a larger operation selling access to social media accounts to Russian intelligence. Investigations are ongoing, with multiple suspects detained.
Key Takeaways from the Meeting Notes:
1. The Security Service of Ukraine (SSU) dismantled an infrastructure that allowed two pro-Russia Ukraine residents to break into soldiers’ devices and deploy spyware.
2. Ukrainian authorities discovered bot farms, similar to SIM farms, being used by Russian intelligence services to run thousands of mobile numbers and Telegram accounts.
3. A woman in Zhytomyr, under direct orders from Russia, operated technology supporting over 600 registered mobile numbers used for attacks on Ukraine’s armed forces.
4. These activities included sending phishing SMS messages containing spyware deployment links to Ukrainian soldiers’ devices.
5. Soldiers were targeted through social engineering tactics, such as sending videos of combat events and friend requests on social media platforms, as well as through dating sites.
6. The infrastructure was used to spread pro-Kremlin propaganda seemingly from genuine Ukrainian citizens.
7. Additionally, a 30-year-old resident of Dnipro was also involved in operating a similar operation, primarily catering to Russian intelligence members by selling access to social media accounts.
8. Only the Dnipro man has been detained, while the woman is under suspicion of violating Ukrainian criminal code, with ongoing investigations.
9. In a separate incident, a 28-year-old suspect in Ukraine’s capital was apprehended for his involvement with the Conti and LockBit ransomware gangs, potentially responsible for numerous attacks in the Netherlands, Belgium, and potentially hundreds more incidents.
These takeaways summarize the major points from the meeting notes regarding cyber threats and criminal activities in Ukraine, especially in relation to Russian intelligence operations and cybercriminal activities within the country.