Cyber police in the Kharkiv region exposed members of a criminal hacker group who purposefully carried out attacks on private organizations and individuals to illegally gain access to their remote servers. It is established that in this way they managed to hack more than 20 thousand servers around the world.
According to employees of the Department for Combating Cybercrime, the attackers sold the hacked accesses to customers. In addition, law enforcement identified all members of this group. So, it included three Ukrainian and one foreigner. All of them were well-known participants of hacker forums and carried out orders hacking remote servers located in the territory of Ukraine, Europe and the USA.
Cyber police found that the criminal group had been operating since 2014. Its participants carried out bruteforce attacks on private enterprises and individuals. They used for attacks specialized software that exploited vulnerabilities of Windows-based servers.
It is known that attackers sold some hacked servers to other hackers who used the acquired information for their own purposes, for example, they demanded money from a victim or threatened to debit money from bank cards.
They also used part of the servers for their own purposes: creating botnets for mining, DDoS attacks, installing software command centers for viruses like Stealer, turning them into tools for conducting brute-force attacks on new network nodes.
Cybercriminals received income from their illegal activities on e-wallets. Almost $80,000 was found in some accounts.
To coordinate the actions of all members of the international hacker group, communication between them took place through hidden messengers.
Cyber police together with investigators of the Kharkiv region police conducted searches of the places of residence of the persons involved in the international hacker group. Computer equipment, additional media, draft records, mobile phones and bank cards that were used to commit crimes were seized.