Ukrainian cyber police have detained three members of an organized criminal gang suspected of hijacking more than 100 million email and Instagram accounts from users across the world.

The suspects, who are between the ages of 20 and 40, used a technique called brute force, in which attackers attempt to gain access to a targeted account by repeatedly trying  different combinations of usernames and passwords until the correct one is found. According to Ukraine’s law enforcement, the criminals used special software to carry out those attacks. 

The group has been active for about a year, operating from cities across Ukraine. The criminals had an organized structure where the leader assigned tasks to other members. They compiled databases of hijacked accounts and sold them on the darknet to other criminals, who then used this data for fraud — for example, to message the victims’ contacts and ask for money.

Ukraine’s police have also launched an investigation into the potential collaboration of suspects with Russia, since some of the stolen accounts were used to conduct psychological operations (PSYOPS) to promote Russian interests. Typically, these operations involve publishing fakes or anti-Ukrainian posts on social media. 

During the searches in several Ukrainian cities, the law enforcement seized more than 70 pieces of computer equipment, 14 phones, bank cards and more than $3,000 in cash. 

The investigation into the case is still ongoing, and more information may come out soon. If found guilty, the arrested individuals could face up to 15 years in prison.

In February, Ukrainian cyber police arrested two affiliates of the notorious LockBit ransomware gang in Ukraine. The suspects — a father and son — allegedly carried out cyberattacks on behalf of LockBit, affecting people, enterprises, state agencies, and healthcare institutions in France.

Get more insights with the

Recorded Future

Intelligence Cloud.

Learn more.