The Security Service of Ukraine (SBU) has dismantled two bot farms used by Russian intelligence agencies to hack phones of Ukrainian military personnel and spread the Kremlin propaganda.
In the Zhytomyr region, the SBU detained an individual who was mass-registering virtual mobile numbers of Ukrainian operators and anonymous Telegram accounts at the behest of Russia.
The suspect sold or rented out the activated accounts through specialized Russian online platforms. The mobile numbers then were used by Russian special services to hack the phones of Ukrainian soldiers.
The adversary sent phishing messages to the devices of Defense Forces soldiers from anonymous numbers and internet addresses registered in Ukraine. When opened, these files infected the victims’ devices with spyware, which was used to collect sensitive information.
Additionally, the bot farm's anonymous accounts were utilized to disseminate Kremlin narratives, posing as ordinary Ukrainian citizens.
Investigations revealed that the suspect had set up specialized software in her own apartment. She registered over 600 mobile numbers, and the proceeds from their sale were sent to her personal cryptocurrency wallet.
The suspect has been charged under Part 5 of Article 361 of the Criminal Code of Ukraine (Unauthorized interference with the operation of information and communication systems, electronic communication networks).
In Dnipro, a 30-year-old local resident was detained for registering nearly 15,000 fake accounts on various social networks and messengers, using SIM cards of Ukrainian mobile operators. These accounts were sold on darknet forums, where his primary buyers were representatives of Russian special services.
The suspect is accused of committing a crime under Part 1 of Article 110 of the Criminal Code of Ukraine (Encroachment on the territorial integrity and inviolability of Ukraine).
