Ukrainian law enforcement authorities on Friday disclosed that it had "neutralized" a hacking group operating from the city of Lviv that it said acted on behalf of Russian interests.
The group specialized in the sales of 30 million accounts belonging to citizens from Ukraine and the European Union on the dark web and netted a profit of $372,000 (14 million UAH) through electronic payment systems like YooMoney, Qiwi, and WebMoney that are outlawed in the country.
"Their 'wholesale clients' were pro-kremlin propagandists," the Security Service of Ukraine (SSU) said in a press release. "It was them who used the received identification data of Ukrainian and foreign citizens to spread fake 'news' from the front and sow panic."
The goal behind the campaign was "large-scale destabilization in multiple countries," it stated, adding the hacked accounts were used to propagate false information about the socio-political situation in Ukraine and the E.U.
Searches carried out at the suspects' homes revealed magnetic disks containing personal data as well as computer equipment, mobile phones, SIM cards, and flash drives that exhibited evidence of illicit activities.
Discover how Deception can detect advanced threats, stop lateral movement, and enhance your Zero Trust strategy. Join our insightful webinar!Save My Seat!
The agency did not reveal how many individuals were arrested and which online services were targeted by the cybercriminals.
The development comes weeks after the agency moved to shut down two bot farms comprising nearly 7,000 accounts that were orchestrated to spread information designed to destabilize the social and political situation in Ukraine.
"Their main activity was creation and promotion of accounts in social networks and messengers," it noted. "The group used the bots to spread panic in the region, for example, by disseminating disinformation and fake news from the front."