Ukraine
Black Basta boss makes it onto Interpol’s ‘Red Notice’ list
The identity of the Black Basta ransomware gang leader has been confirmed by law enforcement in Ukraine and Germany, and the individual has been added to the wanted list of Europol and Interpol. Germany’s Federal Criminal Police Office (BKA) identified Oleg Evgenievich Nefedov, a 35-year-old Russian national, as the leader of the Black Basta ransomware gang. The Ukrainian […]
Ukraine’s army targeted in new charity-themed malware campaign
Officials of Ukraine’s Defense Forces were targeted in a charity-themed campaign between October and December 2025 that delivered backdoor malware called PluggyApe. Ukraine’s CERT says in a report that the attacks were likely launched by the Russian threat group known as ‘Void Blizzard’ and ‘Laundry Bear’, although there is medium confidence in attribution. Laundry Bear is […]
Ukrainian hacker admits affiliate role in Nefilim ransomware gang
A Ukrainian national pleaded guilty on Friday to conducting Nefilim ransomware attacks that targeted high-revenue businesses across the United States and other countries. The defendant, 35-year-old Artem Aleksandrovych Stryzhak, was arrested in Spain in June 2024 and extradited to the U.S. on April 30, 2025. Stryzhak has admitted to computer fraud conspiracy charges brought by U.S. prosecutors in […]
European authorities dismantle call center fraud ring in Ukraine
European law enforcement authorities dismantled a fraud network operating call centers in Ukraine that scammed victims across Europe out of more than 10 million euros. Authorities from the Czech Republic, Latvia, Lithuania, and Ukraine (supported by Eurojust) arrested 12 suspects out of 45 identified during the investigation. They also seized 21 vehicles, weapons, a polygraph […]
Ukrainian hacker charged with helping Russian hacktivist groups
U.S. prosecutors have charged a Ukrainian national for her role in cyberattacks targeting critical infrastructure worldwide, including U.S. water systems, election systems, and nuclear facilities, on behalf of Russian state-backed hacktivist groups. On Tuesday, 33-year-old Victoria Eduardovna Dubranova (also known as Vika, Tory, and SovaSonya) was arraigned on charges related to her alleged role in […]
Spain arrests teen who stole 64 million personal data records
The National Police in Spain have arrested a suspected 19-year-old hacker in Barcelona, for allegedly stealing and attempting to sell 64 million records obtained from breaches at nine companies. The teen now faces charges related to involvement in cybercrime, unauthorized access and disclosure of private data, and privacy violations. “The cybercriminal accessed nine different companies […]
Poland arrests Ukrainians utilizing ‘advanced’ hacking equipment
The police in Poland arrested three Ukrainian nationals for allegedly attempting to damage IT systems in the country using hacking equipment and for obtaining “computer data of particular importance to national defense.” The three men, aged between 39 and 43, could not explain why they were carrying the electronic devices. They now face charges of fraud, computer […]
Sandworm hackers use data wipers to disrupt Ukraine’s grain sector
Russian state-backed hacker group Sandworm has deployed multiple data-wiping malware families in attacks targeting Ukraine’s education, government, and the grain sector, the country’s main revenue source. The attacks occurred in June and September, cybersecurity company ESET says in a report today, and continue Sandworm’s (a.k.a. APT44) string of destructive operations in Ukraine. As the name indicates, […]
PhantomCaptcha ClickFix attack targets Ukraine war relief orgs
A spearphishing attack that lasted a single day targeted members of the Ukrainian regional government administration and organizations critical for the war relief effort in Ukraine, including the International Committee of the Red Cross, UNICEF, and various NGOs. Dubbed PhantomCaptcha, the one-day campaign attempted to trick victims into running commands used in ClickFix attacks, disguised as […]
US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. Also known online as deadforz, Boba, msfv, and farnetwork, Tymoshchuk was involved in ransomware attacks that led to the breach of hundreds of companies, resulting in millions of dollars […]