The Hacker News Logo
Subscribe to Newsletter

The Hacker News - Cybersecurity News and Analysis: Ukrainian hacker

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records

Ukrainian Police Arrest Hacker Who Tried Selling Billions of Stolen Records
May 20, 2020Swati Khandelwal
The Ukrainian police have arrested a hacker who made headlines in January last year by posting a massive database containing some 773 million stolen email addresses and 21 million unique plaintext passwords for sale on various underground hacking forums. In an official statement released on Tuesday, the Security Service of Ukraine (SBU) said it identified the hacker behind the pseudonym "Sanix," who is a resident of the Ivano-Frankivsk region of Ukraine, but it did not reveal his actual identity to the media. In January last year, the hacker tried to sell the massive 87-gigabyte database labeled as "the largest array of stolen data in history," which, according to security experts, was just a fraction of the stolen data Sanix collected. According to the authorities, Sanix had at least 6 more similar databases of stolen and broken passwords, totaling in terabytes in size, which also included billions of phone numbers, payment card details, and Social Secu

Ukrainian Police Arrest 6 Hackers Linked to DDoS and Financial Attacks

Ukrainian Police Arrest 6 Hackers Linked to DDoS and Financial Attacks
January 17, 2019Swati Khandelwal
Ukrainian Police have this week busted out two separate groups of hackers involved in carrying out DDoS attacks against news agencies and stealing money from Ukrainian citizens, respectively. According to the authorities, the four suspected hackers they arrested last week , all aged from 26 to 30 years, stole more than 5 million Hryvnia (around 178,380 USD) from the bank accounts of Ukrainian citizens by hacking into their computers. The suspects carried out their attacks by scanning vulnerable computers on the Internet and infecting them with a custom Trojan malware to take full remote control of the systems. The group then apparently enabled key-logging on the infected computers in an attempt to capture banking credentials of victims when the owners of those infected computers fill in that information on any banking site or their digital currency wallet. Once getting a hold on the victims banking and financial data, the attackers logged into their online banking accounts

Leader of Hacking Group Who Stole $1 Billion From Banks Arrested In Spain

Leader of Hacking Group Who Stole $1 Billion From Banks Arrested In Spain
March 26, 2018Wang Wei
Spanish Police has arrested the alleged leader of an organised Russian cybercrime gang behind the Carbanak and Cobalt malware attacks, which stole over a billion euros from banks worldwide since 2013. In a coordinated operation with law enforcement agencies across the globe, including the FBI and Europol, Police detained the suspected leader of Carbanak hacking group in Alicante, Spain. Carbanak hacking group started its activities almost five years ago by launching a series of malware attack campaigns such as Anunak and Carbanak to compromise banks and ATM networks, from which they swiped millions of credit card details from US-based retailers. According to the Europol, the group later developed a sophisticated heist-ready banking malware known as Cobalt, based on the Cobalt Strike penetration testing software, which was in use until 2016. "The magnitude of the losses is significant: the Cobalt malware alone allowed criminals to steal up to EUR 10 million per heist,

CEO of Major UK-Based Cryptocurrency Exchange Kidnapped in Ukraine

CEO of Major UK-Based Cryptocurrency Exchange Kidnapped in Ukraine
December 28, 2017Mohit Kumar
Pavel Lerner , a prominent Russian blockchain expert and known managing director of one of the major crypto-exchanges EXMO, has allegedly been kidnapped by "unknown" criminals in the Ukranian capital of Kiev. According to Ukraine-based web publication Strana , Lerner, 40-year-old citizen of Russia, was kidnapped on December 26 when he was leaving his office in the center of town (located on the Stepan Bandera Avenue). Unknown kidnappers in dark clothes and balaclavas dragged Lerner in their black Mercedes-Benz Vito brand (state number AA 2063 MT) car and drove away in an unknown direction. The information comes from an anonymous source in Ukrainian law enforcement agencies, though multiple investigations are currently underway to find out why and by whom Lerner was kidnapped. Lerner is a recognized IT specialist in Ukraine who led a number of startups related to blockchain technology development and mining operations. Lerner is also the managing director of EXMO

Turns Out New Petya is Not a Ransomware, It's a Destructive Wiper Malware

Turns Out New Petya is Not a Ransomware, It’s a Destructive Wiper Malware
June 28, 2017Swati Khandelwal
What if I say the Tuesday's devastating global malware outbreak was not due to any ransomware infection? Yes, the Petya ransomware attacks that began infecting computers in several countries, including Russia, Ukraine, France, India and the United States on Tuesday and demands $300 ransom was not designed with the intention of restoring the computers at all. According to a new analysis, the virus was designed to look like ransomware but was wiper malware that wipes computers outright, destroying all records from the targeted systems. Comae Technologies Founder Matt Suiche, who closely looked the operation of the malware, said after analyzing the virus, known as Petya, his team found that it was a " Wiper malware ," not ransomware. Security experts even believe the real attack has been disguised to divert world's attention from a state-sponsored attack on Ukraine to a malware outbreak. "We believe the ransomware was, in fact, a lure to control the

Dangerous Malware Discovered that Can Take Down Electric Power Grids

Dangerous Malware Discovered that Can Take Down Electric Power Grids
June 12, 2017Swati Khandelwal
Last December, a cyber attack on Ukrainian Electric power grid caused the power outage in the northern part of Kiev — the country's capital — and surrounding areas, causing a blackout for tens of thousands of citizens for an hour and fifteen minutes around midnight. Now, security researchers have discovered the culprit behind those cyber attacks on the Ukrainian industrial control systems. Slovakia-based security software maker ESET and US critical infrastructure security firm Dragos Inc. say they have discovered a new dangerous piece of malware in the wild that targets critical industrial control systems and is capable of causing blackouts. Dubbed " Industroyer " or " CrashOverRide ," the grid-sabotaging malware was likely to be used in the December 2016 cyber attack against Ukrainian electric utility Ukrenergo , which the security firms say represents a dangerous advancement in critical infrastructure hacking. According to the researchers, CrashO

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media

Malware Hijacks Microphones to Spy On Ukrainian Businesses, Scientists and Media
February 21, 2017Swati Khandelwal
Ukraine has once again been a target of a potential hacking attack that infected computer systems from dozens of Ukrainian businesses with highly sophisticated malware, allowing hackers to exfiltrate sensitive data and eavesdrop on their network. Late last year, the country also suffered a power outage caused by the same group of hackers that targeted Ukraine's power grid with the BlackEnergy malware in late 2015, causing 225,000 residents to lose electricity. Now security researchers from threat intelligence firm CyberX have uncovered an advanced malware-based operation that has already siphoned over 600 gigabytes of data from about 70 victim organizations, including critical infrastructure, news media, and scientific research. Operation BugDrop: Damages and Modus Operandi Dubbed " Operation BugDrop ," the large-scale malware campaign has been perpetrated against targets in the Ukraine, though targets from other countries include Russia, Saudi Arabia, and Austr

Ukrainian Hacker Admits Stealing Corporate Press Releases for $30 Million Profit

Ukrainian Hacker Admits Stealing Corporate Press Releases for $30 Million Profit
May 17, 2016Wang Wei
A 28-year-old Ukrainian hacker has pleaded guilty in the United States to stealing unpublished news releases and using that non-public information in illegal trading to generate more than $30 Million (£20.8 Million) in illicit profits. Vadym Iermolovych, 28, admitted Monday that he worked with two other Ukrainian hackers to hack into computer networks at PR Newswire, Marketwired and Business Wire, and steal 150,000 press releases to gain the advantage in the stock market. The defendants then used nearly 800 of those stolen news releases to make trades before the publication of the information, exploiting a time gap ranging from hours to 3 days. The trades would occur in "extremely short windows of time between when the hackers illegally accessed and shared the [news] releases and when the press releases were disseminated to the public by the Newswires, usually shortly after the close of the markets," said the Department of Justice in a press release . Thirty-two pe

Hackers Cause World's First Power Outage with Malware

Hackers Cause World's First Power Outage with Malware
January 05, 2016Swati Khandelwal
SCADA system has always been an interesting target for cyber crooks, given the success of Stuxnet malware that was developed by the US and Israeli together to sabotage the Iranian nuclear facilities a few years ago, and " Havex " that previously targeted organizations in the energy sector. Now once again, hackers have used highly destructive malware and infected, at least, three regional power authorities in Ukraine, causing blackouts across the Ivano-Frankivsk region of Ukraine on 23rd December. The energy ministry confirmed it was investigating claims a cyber attack disrupted local energy provider Prykarpattyaoblenergo, causing the power outage that left half of the homes in Ivano-Frankivsk without electricity just before Christmas. According to a Ukrainian news service TSN, the outage was the result of nasty malware that disconnected electrical substations. Related Read: Dragonfly Russian Hackers Target 1000 Western Energy Firms . First Malware to
Online Courses and Software

Sign up for cybersecurity newsletter and get latest news updates delivered straight to your inbox daily.