Ukrainian police shut down bot farms dedicated to spreading pro-Russian fake news

Ukrainian authorities announced the dismantling of five huge bot farms from which more than 100,000 social media accounts dedicated to the spread of fake news were controlled as part of the disinformation campaigns orchestrated by Russia. Through this infrastructure, misleading or directly false news was distributed on social networks such as Facebook, Twitter and Instagram.

According to the Ukrainian Security Service (USS), the objective of the network was to destabilize the socio-political situation in several regions, thus curbing the resistance of the Ukrainian militia and facilitating the eventual Russian military occupation.

After a thorough investigation, SSU conducted five raids and confiscated all manner of electronic devices, including:

  • 100 sets of GSM gateways
  • Around 10,000 SIM cards from various mobile operators
  • Laptops and desktops used to monitor and coordinate bot activity 

Containing cyberattacks against Ukrainian technological infrastructure has not been easy. Over the past month, the SSU’s official platforms have been disconnected multiple times and for periods of up to three days, in a sign that Ukraine’s government faces increasingly complex problems keeping its critical systems online.

In a report issued this weekend, Ukrainian cyber police confirmed the arrest of a man accused of compromising social media accounts using malicious websites in order to prey on well-meaning citizens for alleged fundraising.

Soon after, the SSU announced the detection of a phishing campaign allegedly operated by Kremlin-sponsored threat actors. In this campaign, social media users were tricked into visiting malicious websites from where they would be infected with the dangerous PseudoSteel malware, which allowed hackers to search for and extract potentially sensitive files remotely.

The maintenance of its computer systems is essential for Ukraine, as activities such as the mobilization of refugees and the reception of food depend heavily on this technology. This is a sign of how devastating a cyberwarfare campaign can be today, especially in a country already facing military conflict.

To learn more about information security risks, malware variants, vulnerabilities and information technologies, feel free to access the International Institute of Cyber Security (IICS) websites.