SBU identifies FSB hackers behind over 5,000 cyberattacks on Ukraine gov’t agencies

SBU identifies FSB hackers behind over 5,000 cyberattacks on Ukraine gov’t agencies

photos, video
Cyber security experts with the SBU Security Service of Ukraine have identified hackers from the notorious ARMAGEDON group, responsible for more than 5,000 cyberattacks on Ukrainian government bodies and critical infrastructure facilities.

It has been established that the group is part of the FSB security service operating from the occupied Crimea, as well as traitors who sided with the enemy during the occupation of the peninsula in 2014, the SBU press center reported, according to Ukrinform.

The Ukrainian security agency revealed the identities of the culprits, obtained incontrovertible evidence of their illegal activity, including intercepted phone calls – despite the fact that the ring employed the FSB-produced malware, as well as means of online anonymization.

Currently, five members of the criminal group were charged with high treason under Art. 111 of the Criminal Code of Ukraine.

Read also: SBU neutralizes 65,000 bots across social networks in 2021

According to information available to the SBU, the ARMAGEDON hacker group is a special FSB project, whose primary target was Ukraine. Its work was coordinated by the FSB’s 18th Center (Information Security Center), based in Moscow.

Since the onset of Russian aggression in 2014, the perpetrators have carried out more than 5,000 cyberattacks and pursued attempts to “infect” more than 1,500 government computer systems.

The FSB-run group’s main goals were as follows:

Gaining control over critical infrastructure (power plants, heating and water supply systems);

Intelligence gathering on security, defense, as well as the operations of government agencies;

Conducting psy-ops; and

Blocking information systems.

Further inquiry, including forensic examinations, is underway to bring the FSB operatives to justice on the charges of espionage, unauthorized interference with the computer systems, and creation of malicious software or hardware.

The investigation involved the SBU Department of Cyber Security and the Main Intelligence Directorate of the Ministry of Defense, operating under the procedural guidance of the Office of the Prosecutor General.


While citing and using any materials on the Internet, links to the website not lower than the first paragraph are mandatory. In addition, citing the translated materials of foreign media outlets is possible only if there is a link to the website and the website of a foreign media outlet. Materials marked as "Advertisement" or with a disclaimer reading "The material has been posted in accordance with Part 3 of Article 9 of the Law of Ukraine "On Advertising" No. 270/96-VR of July 3, 1996 and the Law of Ukraine "On the Media" No. 2849-Х of March 31, 2023 and on the basis of an agreement/invoice.

© 2015-2024 Ukrinform. All rights reserved.

Extended searchHide extended search
By period: