Man Arrested for Selling Data on 300 Million Victims to Russians

Written by

Ukrainian cyber police have arrested a 36-year-old man from the western city of Netishyn on suspicion of selling data to Russian buyers on hundreds of millions of victims.

The police teamed up with Svyatoshyn district prosecutor’s office to track down the individual, who is said to have sought buyers for the stolen personal information on closed Telegram groups and channels.

Read more on Ukrainian cyber police campaigns: Ukrainian Police Bust Crypto Fraud Call Centers.

Databases discovered by the officers contained information including passport details, taxpayer numbers, birth certificates, driver’s licenses and bank account data on an estimated 300 million Ukrainian and EU citizens.

The man is said to have sold the stolen data for anywhere between $500 and $2000, depending on the volumes involved, and received payment in currencies banned in Ukraine, according to the police.

Not only did the suspect attempt to obstruct the investigation, but he also attacked a police officer during the arrest. At the property, officers seized mobile phones, dozens of hard drives, SIM cards, and computer and server equipment.

He was investigated under Part 2 or Article 361-1 – creation of software for illegal use or distribution/sale – and Article 362 – unauthorized access to computers/networks. Additionally, he’s likely to be charged under Part 2 of Article 345 – threat or violence against a law enforcement officer.

Ukrainian cybercrime remains a potent force, with European citizens often the victims. In November 2022, police swooped on five Ukrainian members of a transnational fraud gang responsible for an estimated $200m in losses.

Just last month, Ukrainian police claimed to have disrupted a prolific phishing gang they claim made 160 million hryvnias ($4.3m) from victims across Europe.

However, a report from Recorded Future in January claimed that the Russian invasion has had a chilling impact on the underground market for stolen cards.

It reported a 24% year-on-year decrease in the volume of card-not-present (CNP) records on dark web carding shops in 2022, to 45.6 million, and a 62% slump in card present records, to 13.8 million.

It blamed mass mobilization, migration, energy instability, inconsistent internet connectivity and deteriorated server infrastructure for the sharp decline.

What’s hot on Infosecurity Magazine?