Ukrainian cyber police, in collaboration with U.S. law enforcement agencies, have identified an 18-year-old resident of Odesa who is suspected of operating an infostealer malware campaign that targeted customers of a California-based online retailer.
Authorities allege that between 2024 and 2025, the suspect used information-stealing malware to compromise users’ devices and obtain browser session data along with account login credentials.
Infostealers are a widely used form of malicious software designed to collect sensitive information from infected systems. The stolen data can include passwords, browser cookies, session tokens, cryptocurrency wallet details, and payment information, which are often exploited for fraud, account takeovers, and illicit resale.
Investigators reported that the operation affected approximately 28,000 customer accounts. Cybercriminals allegedly exploited around 5,800 of those accounts to make unauthorized purchases worth nearly $721,000. The attacks also resulted in direct financial losses of about $250,000, including chargeback-related expenses.
“To carry out the criminal scheme, the attackers used ‘infostealer’ malware that secretly infected users’ devices, collected login credentials, and transmitted them to servers controlled by the attackers,” the police said.
“The information was then processed and sold through specialized online resources and Telegram bots.”
According to law enforcement officials, the suspect also conducted cryptocurrency transactions with accomplices involved in the scheme.
The session information referenced by investigators reportedly included session tokens, which can allow unauthorized access to online accounts without requiring passwords. In certain situations, these tokens may even enable attackers to bypass multi-factor authentication (MFA) protections.
Police believe the 18-year-old played a key role in the operation by managing the infrastructure used to process, distribute, and exploit stolen session data.
During the investigation, officers carried out searches at two residences connected to the suspect. Authorities seized mobile phones, computer hardware, bank cards, digital storage devices, and additional electronic evidence believed to be linked to the cybercrime activity.
Investigators stated that the evidence includes access to platforms used for selling stolen information, tools for managing compromised accounts, server activity records, and accounts on cryptocurrency exchange services.
While authorities have identified the suspect and collected significant evidence, the official announcement does not indicate that an arrest has been made. This suggests investigators may still be gathering additional information before filing formal charges.