Ukraine Identifies Infostealer Operator Tied to 28,000 Stolen Accounts
The cyberpolice in Ukraine, working with U.S. law enforcement, have identified an 18-year-old from Odesa suspected of running an infostealer malware campaign aimed at customers of an online store in California.
As per the Ukrainian authorities, the perpetrator utilized information-stealing malware from 2024 to 2025 to infect devices, extract browser sessions, and pilfer account credentials.
Infostealers, a prevalent form of malware, are designed to harvest sensitive information such as passwords, browser data, crypto wallets, and payment details from compromised devices, which is then sent to cybercriminals for illicit activities like account theft and fraud.
The activity attributed to the suspect affected a total of 28,000 customer accounts, of which cybercriminals exploited 5,800 to make unauthorized purchases amounting to approximately $721,000. The operation resulted in direct losses of $250,000, including chargebacks.
The police report highlights that the attackers employed ‘infostealer’ malware to covertly infect devices, gather login credentials, and transmit the stolen data to servers controlled by the criminals.
The acquired information was subsequently processed and sold through dedicated online platforms and Telegram channels.
Authorities also mention that the suspect engaged in cryptocurrency transactions with accomplices.
[Image: Cyberpolice at the suspect’s house. Source: cyberpolice.gov.ua]
The reference to “session data” in the police statement pertains to session tokens that enable access to a victim’s account without requiring login credentials, potentially bypassing multi-factor authentication (MFA) checks.
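A stolen session token is replayed by whoever bought it, so the same session id suddenly appears from a different client than the one that logged in. The following is an added illustration, not code from the article or from the cyberpolice report: it assumes a web application that logs one line per authenticated request (timestamp, session id, client IP, user agent), binds each session to a fingerprint of those client attributes at login, and flags a session whose requests arrive from a second fingerprint within a short window. The log lines are constructed for the example.

```python
"""
Detecting replay of a stolen session token from a second device.

Added example, not part of the original article or the police report.
Assumes an application log with one line per authenticated request:
    <ISO timestamp> <session_id> <client_ip> <user_agent>
The sample lines below are constructed; session sess_a1b2 is used from
the victim's own client and then, minutes later, from a different one.
"""
import hashlib
from datetime import datetime, timedelta

# Constructed sample log: one session replayed from a new IP and browser,
# one session used consistently from a single client.
SAMPLE_LOG = """\
2025-03-01T10:00:00 sess_a1b2 203.0.113.5 Mozilla/5.0 (Windows NT 10.0) Chrome/122
2025-03-01T10:02:10 sess_a1b2 203.0.113.5 Mozilla/5.0 (Windows NT 10.0) Chrome/122
2025-03-01T10:05:30 sess_a1b2 198.51.100.77 Mozilla/5.0 (X11; Linux x86_64) Firefox/124
2025-03-01T10:06:00 sess_c3d4 192.0.2.10 Mozilla/5.0 (iPhone) Safari/17
2025-03-01T11:30:00 sess_c3d4 192.0.2.10 Mozilla/5.0 (iPhone) Safari/17
"""


def parse_log(text):
    """Parse the constructed log format into dicts (ts, session_id, ip, ua)."""
    records = []
    for line in text.splitlines():
        if not line.strip():
            continue
        # The user agent contains spaces, so split on the first three only.
        ts, session_id, ip, ua = line.split(" ", 3)
        records.append({
            "ts": datetime.fromisoformat(ts),
            "session_id": session_id,
            "ip": ip,
            "ua": ua,
        })
    return records


def session_fingerprint(ip, ua):
    """Hash of the client attributes a session is bound to when issued."""
    return hashlib.sha256(f"{ip}|{ua}".encode()).hexdigest()


def verify_bound_session(bound_fp, ip, ua):
    """Request-time check: True if the request matches the fingerprint
    recorded at login. On False the application should require a fresh
    login (step-up) rather than continue, because the cookie alone no
    longer proves the request comes from the client that authenticated."""
    return session_fingerprint(ip, ua) == bound_fp


def find_hijack_candidates(records, window=timedelta(minutes=30)):
    """Return one alert per session whose requests come from two different
    client fingerprints within `window` of the first request seen.
    A replayed token typically shows up exactly like this: the same
    session id from a new IP and user agent shortly after the victim's
    own traffic."""
    first_seen = {}   # session_id -> (fingerprint, ip, ts)
    flagged = set()
    alerts = []
    for r in sorted(records, key=lambda r: r["ts"]):
        sid = r["session_id"]
        fp = session_fingerprint(r["ip"], r["ua"])
        if sid not in first_seen:
            first_seen[sid] = (fp, r["ip"], r["ts"])
            continue
        bound_fp, ip0, ts0 = first_seen[sid]
        if sid in flagged or verify_bound_session(bound_fp, r["ip"], r["ua"]):
            continue
        if r["ts"] - ts0 <= window:
            flagged.add(sid)
            alerts.append({
                "session_id": sid,
                "original_ip": ip0,
                "new_ip": r["ip"],
                "new_ua": r["ua"],
                "seconds_after_first": int((r["ts"] - ts0).total_seconds()),
            })
    return alerts


if __name__ == "__main__":
    for alert in find_hijack_candidates(parse_log(SAMPLE_LOG)):
        print(alert)
```

Binding a session to the raw client IP produces false positives for users on mobile carriers or VPNs whose address changes mid-session, so in practice the fingerprint should lean on attributes that are stable for one device and the mismatch should trigger re-authentication and an alert rather than a silent logout; the point of the check is that a copied cookie stops being sufficient on its own.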
The 18-year-old suspect managed the online infrastructure responsible for processing, selling, and utilizing the pilfered session data, indicating a central role in the operation.
Law enforcement authorities executed two searches at the suspect’s residences, confiscating mobile phones, computer gear, bank cards, digital storage media, and other digital evidence that substantiate his involvement in the criminal enterprise.
The gathered evidence includes access to platforms used for trading stolen data and managing compromised accounts, as well as server logs and accounts on cryptocurrency exchanges.
[Image: Suspect’s computer. Source: cyberpolice.gov.ua]
Currently, the authorities have identified the suspect, carried out searches, and confiscated devices and evidence linking him to the criminal activities.
However, there is no mention of an arrest in the announcement, indicating that investigators may be in the process of building a case before proceeding with formal charges.