Ukraine Hacker Arrested for Selling Confidential Government Database for Cryptocurrency

Amid increasing cyberattacks on government agencies, Ukraine cyberpolice arrested a hacker for selling sensitive information

Ukraine's cyber police arrested a hacker for selling confidential government databases for cryptocurrency. According to the police, the hacker, whose identity was not revealed, broke into government database through personal accounts of authorized staff.

According to cyber police authorities, the hacker used brute force approaches to break into social media accounts and email addresses to gain access to at least 50 up-to-date government databases. Once he was able to gather data, the hacker then sold them on specialized forums using messenger for cryptocurrency, Ukraine's cyber police revealed.

On July 8, the cyber police confiscated the hacker's computer and noticed a Skype conversation in regard to the sale of the database. As per the conversation, the hacker charged 6.5 rubles (10 cents) per valid database entry. Since the price was quoted in rubles to the customer, the police believe he was located in Russia.

Ukraine cyberpolice
Ukraine cyberpolice found the hacker selling the stolen database on messenger apps Facebook/ Ukraine Cyerpolice

The cybercriminal has been charged for "unauthorized sale or dissemination of information with limited access" stored in computers, automated systems, networks or on media under Article 361-2 of the penal code of Ukraine. If proven guilty, he will face imprisonment of up to five years. However, considering he was not charged for high treason, the leaked database was not very sensitive, revealed Cointelegraph.

The hacker was selling the database on messenger Facebook/ Ukraine Cyerpolice

Government Databases Targeted

This incident comes after BlueLeaks exposed data from hundreds of police departments in the US last month. DDoSecrets, a site similar to WikiLeaks, dumped around 270 gigabytes of data which was reportedly obtained during a cyber attack on a Texas web design company, which maintained a number of state law enforcement data sharing portals. The data was leaked on the internet on its website which was accessible to the public.

On its Twitter handle, which has now been suspended, DDoSecrets said that BlueLeaks indexed "ten years of data from over 200 police departments, fusion centers, and other law enforcement training and support resources". It further added that the data included documents, police, and FBI reports. On July 7, German authorities ceased DDoSecrets servers which were located in that country.

Screengrab of BlueLeaks data dump

A recent study by Emsisoft, from January to April 2020, revealed that at least 60 government entities including cities, transport agencies, police departments, and other federal agencies had been breached. Even hospitals and healthcare providers, schools, and universities were also targeted by hackers in the first six months of this year.

Related topics : Cybersecurity