Ukrainian police have detained a 28-year-old man from Kyiv, suspected of collaborating with Russian hacking groups Conti and LockBit, which used his software to mask computer viruses.
The Cyber Police of Ukraine and the National Police investigators found that the detainee specialized in developing programs for disguising malicious programs as safe files. Russian hackers used this disguised malware to infect computer networks and demanded a ransom for data decryption. Thanks to his programming skills, the suspect was able to hide the malware from the most popular antiviruses. For these services, the hacker received cryptocurrency from the Conti group, which in 2021 used its programs to disable computer networks in the Netherlands and Belgium. The detainee also helped the LockBit group, which specializes in attacks on large enterprises.
The investigation is ongoing, and the suspect could face up to 15 years in prison for unauthorized access to computer systems, with additional charges possible. In February, the FBI, Europol and other authorities seized LockBit’s infrastructure, arrested several affiliates, exposed the leaders, and returned 7,000 decryption keys. The Conti group was declared liquidated.