Ukrainian Secret Service Detains Hacker Supporting Russian Invaders

The Security Service of Ukraine (SBU) has apprehended an individual identified as a hacker, who allegedly provided critical technical support to Russian military forces by facilitating mobile communication within Ukrainian territory. This operation reportedly involved the dissemination of messages to Ukrainian officials, encouraging them to surrender and collaborate with Russian forces.

Details surrounding the suspect remain undisclosed; however, it has been indicated that the hacker transmitted text messages directed at various Ukrainian officials, including security personnel and civil service members, with the intent to persuade them to defect. Furthermore, the SBU claims that the detainee managed to reroute phone calls coming from Russia directly to Ukrainian mobile phones utilized by Russian troops, thus enhancing the adversary’s operational communications.

According to SBU, the hacker made upwards of a thousand calls in a single day, many of which were made to the senior ranks of the invading Russian forces. The agency also disclosed that it has seized the equipment utilized for these operations, bolstering its case against the suspect, who is accused not only of enabling call routing but also of delivering commands and strategic guidance to various groups of Russian combatants. The SBU’s announcement stated, “He will be held accountable for all the severity of the law. Because on him is the blood of tens or even hundreds of killed Ukrainians.”

The timing of this arrest coincides with the emergence of a new data-wiping malware strain known as CaddyWiper, which has recently been identified in attacks against various organizations within Ukraine. This follows earlier incidents involving HermeticWiper and IsaacWiper, suggesting an escalation in cyber aggression accompanying Russia’s military actions.

In another notable cyber incident, a disruption of broadband satellite internet services in Ukraine was reported by Reuters. This attack, which occurred on February 24, coincided with Russia’s launch of a full-scale invasion, severely impacting satellite modems integrated within Viasat’s KA-SAT network. Such tactical cyber warfare further emphasizes the urgent need for businesses and stakeholders in the tech sector to heighten their cybersecurity measures—recognizing that adversaries may leverage sophisticated techniques for both data compromise and operational sabotage.