Ukraine cyber cops collar man who allegedly hooked citizens up to Russian internet
'Self-taught hacker' facing a possible 15 years in the slammer
A 28-year-old Ukrainian is potentially facing up to 15 years in prison for allegedly operating what the war-torn nation's cyber police are calling an illegal VPN service that facilitated access to sanctioned Russian websites.
Police described the man, who hasn't been named, as a "self-taught hacker" who created the service, called Startup, around the time Russia began its invasion of Ukraine in February 2022.
Startup allowed users to access more than 48 million Russian IP addresses and supported upwards of 100 GB of traffic a day, according to the Cyber Police of Ukraine.
Following Russia's invasion of Ukraine, the country's National Security and Defense Council (NSDC) introduced sprawling sanctions against many entities in Russia, essentially barring citizens from accessing internet services operating from .ru or .su domains.
The suspect resided in Khmelnytskyi, a city in Ukraine's west, and police allege he'd set up an autonomous server room in his apartment, as well as renting servers in Germany, France, the Netherlands, and Russia.
Following a police raid, authorities said yesterday that they'd seized server equipment, computers, and mobile phones, all of which are being analyzed by digital forensics specialists for additional evidence and leads.
It's unclear if the suspect was assisted by others, and the police are combing for clues that could lead to the identification of any accomplices. Additional raids were carried out in Khmelnytskyi and Zhytomyr to the north.
- Happy birthday, Putin – you've been pwned
- DOJ, Microsoft seize 107 domains used in Russia's Star Blizzard phishing attacks
- Evil Corp's deep ties with Russia and NATO member attacks exposed
- Starlink-branded hardware reportedly found amid wreckage of downed Russian drone
Authorities are concerned that the VPN service was used by Russian operatives to spy and gather information on users of Startup in Ukraine. Police are also probing to ascertain whether the suspect was cooperating with the Russian state while developing Startup.
The man marketed Startup via Telegram after initially presenting himself as a project developer seeking like-minded people, the police claim. He also used a "world-famous IT resource" to advertise the service, though the exact brand wasn't specified.
This isn't the first time Ukrainian nationals have been caught carrying out activities seemingly in support of Russia since the war broke out.
Last year, the same cyber cops brought down a bot farm used for disseminating misinformation, propaganda, and fraud schemes.
Police said more than 100 operators were involved across sites located in Vinnytsia, Zaporizhzhia, and Lviv. More than 350 GSM gateways and 150,000 SIM cards were seized from 21 raids, along with miscellaneous IT equipment.
A similar SIM farm run by Ukrainians was dismantled in June, only this one was used to target their own soldiers with spyware. ®