Ukraine busts bot farm spreading Russian infowar propaganda and fraud
Plus: Spanish cops arrest Ukrainian scareware dev after ten-year hunt
Ukrainian cops have disrupted a massive bot farm with more than 100 operators allegedly spreading fake news about the Russian invasion, leaking personal information belonging to Ukrainian citizens, and instigating fraud schemes.
After conducting 21 searches, the country's cyber and national police seized computer equipment, mobile phones, more than 250 GSM gateways, and about 150,000 SIM cards.
"The Cyber Police established that the attackers used special equipment and software to register thousands of bot accounts in various social networks and subsequently launch advertisements that violated the norms and legislation of Ukraine," according to machine translation of the news alert issued by the police.
Insiders in Vinnytsia, Zaporizhzhia, and Lviv were involved in the bot farm, we're told. Law enforcement are pursuing charges of interference with electronic communications, unauthorized sale of information stored on computers, and knowingly spreading false notifications about safety threats. Investigations remain ongoing.
Of course, Russian operatives spreading disinformation about the illegal war – or anything else, for that matter – isn't new. The Ukrainians have busted multiple bot farms behind more than one million fake social media accounts since the invasion began in February 2022.
Even before the war began, security researchers tracked a Russian influence campaign known as "Secondary Infektion" spreading misinformation about Ukrainian president Volodymyr Zelenskyy – including talk that the Jewish former comedian was a Nazi.
The uptick in Kremlin-backed information operations prompted Viktor Zhora, who leads Ukraine's cyber security agency, to call for a coordinated, global approach to counter propaganda and disinformation online.
The Kremlin, for its part, has also accused pro-Ukrainian hackers of promoting bogus alerts – like the text messages, radio broadcasts, and sirens warning of air raids or missile strikes on Russian cities that never occurred, back in February.
And just last month a deepfake video aired on Russian TV purportedly depicting Russian president Vladimir Putin declaring martial law.
- Ukraine security agency shutters Russian disinformation bot farms
- Russian IT guy sent to labor camp for DDoSing Kremlin websites
- Kremlin claims Ukraine hackers behind fake missile strike alerts
- Feds put $10m bounty on Putin pal accused of bankrolling US election troll farm
Meanwhile, Ukrainian scareware scammer cuffed
Over the weekend, Spanish police said they arrested a Ukrainian hacker who has been hiding from US law enforcement for more than a decade.
The fugitive, whose name has not been released, allegedly participated in a massive scareware operation between 2006 and 2011. During the course of the scareware scheme, the gang stole more than $70 million from thousands of victims worldwide, we're told.
Along with others involved in the fraud, the criminal infected victims' computers with malware that caused a pop-up message to appear on their devices. These messages falsely warned victims that their machines had been infected with a virus, and it could only be fixed by paying up to $129 to buy a fake security program.
This stuff is as old as email, but still people fall for it. At least the arrest shows that international law enforcement seldom forgets. ®