21 February 2024

Ukrainian Cyber-Criminal Hacker Arrested for Selling Bank Accounts of U.S. + Canadian Users

Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold them on the dark web.
The arrest occurred on February 14, at the suspect's home. The police confiscated various items during three separate searches, including a luxury Mercedes-Benz SUV worth around $65,000.
The suspect distributed trojanized software as free resources using several websites that he administered. He also promoted these sites through advertising campaigns.
The police note that the suspect distributed software for both desktop and mobile (Android) operating system.

"To distribute his virus, the hacker created and administered several websites, offering users to download various software for free," reads the police's announcement.
"The suspect launched an entire advertising campaign on the internet to "promote" the controlled web resources."
Suspect's computer desk
Suspect's computer desk (cyberpolice.gov.ua)
The payloads infected the victims' devices and siphoned sensitive data to the hacker, who used it to hack into the victim's Google accounts and online banking.
  • The hacker then sold access to the breached accounts to other cybercriminals over the dark web, arranging payments in Bitcoins after contacting them over the phone using a Russian number.
  1. The Ukrainian authorities say that the suspect had accomplices for this activity, who maintained darknet accounts. 
  2. Their identities is currently unknown but authorities are looking to learn who they are during the investigation.
The press release from the police also mentions that the hacker has been active since 2017 and pivoted to phishing in 2021. 
  • Preliminary details confirmed that the cybercriminal obtained at least $92,000 from his activity, but that figure is likely to be much higher.
The arrest occurred on February 14, at the suspect's home. The police confiscated various items during three separate searches, including a luxury Mercedes-Benz SUV worth around $65,000.
For his criminal activity, the suspect now faces up to 8 years of prison and the confiscation of all property, for violations in the Criminal Code of Ukraine 
  • Part 2 of Article 209 (laundering of property obtained by criminal means), 
  • Part 2 of Article 361 (unauthorized interference with the operation of information systems, electronic communication networks), and 
  • Part 1 of Article 361-1 (creation for the purpose of illegal use, distribution, or sale of harmful software or technical means, as well as their distribution or sale).
> To reduce the risk of malware infections while searching for specific software tools, users should exercise caution with promoted results in Google Search and verify that the loaded site is the official one from the vendor.
> It is also a good idea to use an ad-blocker that can automatically hide promoted results on Google Search, safeguarding online activities from malvertising threats.

A groundbreaking arrest by Ukraine’s cyber police has put the spotlight on a sophisticated cybercrime operation that targeted bank accounts of users in the United States and Canada, selling their personal financial information on the dark web. 

The Mechanism of Cyber Deception

The individual cleverly disguised harmful software as harmless applications, available for free on various websites he controlled. 
  • These websites were aggressively promoted online, drawing in unsuspecting users into downloading the malicious software.
Once installed, this software went to work silently, extracting sensitive information from the victims’ devices. 
This data, including online banking and Google account credentials, was then used by the perpetrator to gain unauthorized access to the victims’ accounts.

Dark Web Transactions and the Hunt for Accomplices

The stolen account was sold on the dark web, with transactions conducted in Bitcoin. The perpetrator used secure communication channels to deal with buyers, indicating a well-organized operation.
  • According to the authorities, the individual had accomplices who were involved in managing the sales on darknet platforms. 
  • They are currently being sought by authorities as their identities are not known. 
«Заробив» понад 3,5 млн грн на викраденні даних мешканців США і Канади: поліцейські викрили хакера

Investigations have revealed that the operation dates back to 2017, with a significant portion of the activities centered around phishing. 
  • The financial gains from this illicit enterprise are estimated to be at least $92,000, though the true extent of the financial damage is likely much greater.
  • A raid on the suspect’s home led to the seizure of significant evidence, including a luxury vehicle. 
  • The individual now faces charges that could result in up to eight years of imprisonment, highlighting the severe consequences of engaging in cybercrime.

Final Word

This incident highlights the importance of vigilance in the digital age. Users are advised to exercise caution when downloading software, especially from promoted search engine results. Verifying the legitimacy of download sources and using ad-blockers can offer additional layers of protection against such cyber threats.

author 

Anas Hasan

Anas Hassan is a tech geek and cybersecurity enthusiast. He has a vast experience in the field of digital transformation industry. When Anas isn’t blogging, he watches the football games.



Security News > 2024 > February > Hacker arrested for selling bank accounts of US, Canadian users

Hacker arrested for selling bank accounts of US, Canadian users
2024-02-18 15:06

Ukraine's cyber police arrested a 31-year-old for running a cybercrime operation that gained access to bank accounts of American and Canadian users and sold it on the dark web.

"To distribute his virus, the hacker created and administered several websites, offering users to download various software for free," reads the police's announcement.

The payloads infected the victims' devices and siphoned sensitive data to the hacker, who used it to hack into the victim's Google accounts and online banking.

The hacker then sold access to the breached accounts to other cybercriminals over the dark web, arranging payments in Bitcoins after contacting them over the phone using a Russian number.

The press release from the police also mentions that the hacker has been active since 2017 and pivoted to phishing in 2021.

No comments:

Centrifugal Hyper-Gravity and Interdisciplinary Experiment Facility >> China turns on hyper-gravity machine to ‘compress’ time and space

The world's most advanced hypergravity machine - capable of generating forces thousands of times greater than Earth's surface gravit...