This week, Ukrainian Police apprehended two separate groups of hackers responsible for launching DDoS attacks against news agencies and, respectively, stealing money from Ukrainian citizens.
According to the authorities, the four suspected hackers they arrested last week, all aged between 26 and 30, hacked into the computers of Ukrainian citizens and stole more than 5 million Hryvnia (approximately 178,380 USD) from their bank accounts.
The suspects conducted their attacks by scanning vulnerable computers on the Internet and infecting them with custom Trojan malware to seize complete remote control of the systems.
The group then enabled keylogging on the infected computers, presumably in an attempt to steal the banking credentials of victims who enter them on a banking website or their digital currency wallet while using infected computers.
Once the attackers obtained the victims’ banking and financial information, they logged into their online banking accounts and transferred funds or cryptocurrencies to accounts under their control.
“Such actions were typically committed at night,” the authorities said. “Additionally, the bank did not react to these transactions because they were conducted by a trusted user. The operation was legitimate in every way.”
In addition to stealing money, the suspects left a backdoor on the victims’ computers for future control, allowing them to use them for other illegal activities.
Several articles of the Ukrainian Criminal Code, including theft and unauthorized interference with the operation of computers, automated systems, computer networks, or telecommunication networks, have been invoked against all four individuals.
Two DDoS Hackers from Ukraine are Arrested
In a separate press release, police today announced the arrest of two other hackers, aged 21 and 22, suspected of launching DDoS attacks against several vital Ukrainian resources, including news websites for the city of Mariupol and several state-run schools.
According to the authorities, the duo created two DDoS hacking tools that they used to send hundreds of automated queries per second to their targeted regional information resources, thereby rendering their service unavailable.
Article 361 of the Criminal Code of Ukraine stipulates that unlawful interference with the operation of computers, automated systems, computer networks, or telecommunication networks is punishable by up to six years in prison.