A Ukrainian hacker got caught selling confidential information gathered from Ukrainian central government databases.
According to a media release from the Ukrainian Cyberpolice, a hacker whose identity wasn’t disclosed surely could break in to many government databases by compromising personal accounts of authorized staff.
The hacker reportedly used brute force approaches to break into email addresses and social media marketing accounts. Through this simple method, that he appears to have found 50 government databases with up-to-date information.
He then sought to sell the captured info on hacker forums in exchange for cryptocurrency. Authorities did not disclose which currency was used.
The police searched the perpetrator’s apartment and confiscated the apparatus that was used to conduct these deals. A picture from what seems to be his computer shows a Skype conversation supposedly associated with these deals. The hacker told a potential customer that the price was “6.5 [rubles] for one valid [entry].” Presumably the client was situated in Russia, as Ukraine’s currency is the hryvnia. The price quote amounts to about $0.10 per database entry.
The perpetrator was charged with “unauthorized sale and distribution of information with limited access,” a crime with a maximum prison sentence of five years. Given the possible lack of high treason charges, it appears likely that the data wasn’t extraordinarily painful and sensitive.
Other hacking stories
Hackers will frequently use cryptocurrency to sell painful and sensitive data. As Cointelegraph reported earlier in July, a hacker group netted over $7 million by attempting to sell stolen charge card data.
One common hacking method involving cryptocurrencies is ransomware, where malware encrypts the computer’s data and requests payment in crypto to unlock it. Despite many reported attacks, a recent finding shows that the frequency of those exploits declined in 2020.
A high profile data leak interested the crypto world in May, each time a SIM swapping attack triggered the compromise of BlockFi’s customer database.