In collaboration with the Federal Bureau of Investigation, the SSU’s cyber units have exposed russian intelligence services carrying out systematic cyber-attacks on messaging apps used by officials, military personnel, politicians and activists in Ukraine, Europe and the US.

These hacks aim to gain access to sensitive military, political and economic information exchanged by users, as well as steal their personal data.

russian hackers use a variety of tools and methods to carry out such cyberattacks.

For instance, to lure out account passwords, they most often send text messages purporting to be from ‘Support Teams’. These actions are disguised as the work of official support teams, and the messages themselves arrive in the early hours of the morning when users are at their most vulnerable, both physically and emotionally.

The Security Service of Ukraine emphasises that russian intelligence services and associated hackers are targeting not only organisations, officials and public figures, but also the personal accounts of Ukrainian citizens.

The Security Service of Ukraine urges citizens to take care of their cybersecurity and follow basic cyber hygiene rules:

• Regularly check your active sessions in messaging apps and log out of any unknown connections.
• Enable two-factor authentication, use a complex alphanumeric PIN code.
• Do not share verification codes, PINs, passwords or account recovery keys with anyone.
• Do not click on suspicious links, even if they come from people you know. Their account may already have been hacked.
• Do not open files from unknown or suspicious chats, especially if you are asked to do so on a computer.
• Do not scan QR codes sent by unknown bots or users. Attackers can use them to link their device to your account.

Detailed instructions on how to protect your accounts on messaging apps can be found here.

If you receive any suspicious messages via messaging apps, please report them to the SSU’s Cybersecurity Situation Centre. Email address: incident@dis.gov.ua.