Authorities shut down massive data theft operation in dark web; 50 suspects arrested

Ukrainian authorities announced the arrest of 51 individuals accused of stealing confidential information from people around the world for sale on various dark web hacking forums. According to the Ukraine Cyberpolice Department report, the operation also involved the seizure of 100 personal databases collected between 2020 and 2021, which were storing information about 300,000 people in Europe and the United States.

In addition to the arrests and seizures, Ukraine’s police managed to shut down one of the largest platforms for the illegal sale of information. On this website, whose name was not disclosed, users could register to buy and sell stolen data, including full names, phone numbers, registered vehicles and other details.

Serhiy Lypka of the Cyberpolice Department mentions that hackers were selling this information on illegal forums, social media and instant messaging apps: “A total of 117 searches were conducted in different regions of Ukraine. As a result, over 90k GB of information were removed”, he assures. 

All the arrests took place during the month of November, implementing an ambitious operation called DATA, whose main objective was to disrupt the illegal distribution chain of personal information stolen in clandestine forums.

This operation is part of the efforts that the Ukrainian government has undertaken against cybercriminal activities over the past year. A few weeks ago, the Security Service of Ukraine arrested five individuals accused of belonging to the international hacking group known as Phoenix, specializing in the remote hacking of mobile devices.

In an earlier operation, this agency managed to dismantle a network of six call centers in Lviv, used by an operation of scammers to deceive cryptocurrency enthusiasts around the world. This criminal operation would have generated losses of more than $80 million USD in virtual assets, according to the US Federal Trade Commission (FTC).

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.