Ukrainian Security Services Arrest Hacker Who Stole 773 Million Emails and 21 Million Passwords

A hacker identified as Sanix is reported to have been arrested and detained by Ukrainian law enforcement over the sale of a database that contained at least 773 million email addresses and 21 million unique passwords.

The Security Service of Ukraine (SSU) said it has confiscated numerous mobile and computer devices containing 2 terabytes of information and about $10,000 in Ukrainian local currency and USD. The seized devices had enough evidence of illegal activities according to the SSU report.

The hacker gained access to not just emails and passwords but PIN codes for bank cards, crypto wallets, PayPal and more belonging to people from different countries, mostly from the EU and US.

Sanix became famous long before this hack. In 2019, he teamed up with another famous hacker called Oxa and gained access to some 87 gibibytes of data, and the two were offering such vital information for sale for as low as $45 for unlimited access. 

After having detected that the hacker in question was a Ukrainian national living in the Western Ukrainian administrative region of Ivano-Frankivsk, the SSU located his home and made the seizures and arrest. According to Ukrainian law, Sanix could face up to eight years in jail.

Targeting digital development

As the government of President Volodymyr Zenelsky targets digital development of the country, it is no wonder that Ukrainian law enforcement and security services pay closer attention to cybersecurity. Back in 2019, the Security Service arrested a man that infected his own websites with malware like Wannacry. However, in this case, it was secretly mining cryptocurrency while people were visiting the websites.

Later on the same year, the watchdog exposed an illegal mining farm at a nuclear power plant in the city of Yuzhnoukrainsk. During the raid, detectives seized mining equipment from the plant’s administrative wing. It was said that such an illegal mining facility compromised the plant’s security due to the established Internet connection. Eventually, the operation of the equipment led to leaking the data about the physical protection system of the plant. 

However, this case seemed to draw the government’s attention to mining and consider gaining some profit from it. According to coinidol.com, a world blockchain news outlet, the country’s energy ministry was considering using surplus nuclear energy for cryptocurrency mining to raise funds for the State budget. Such an initiative supports Ukraine’s general vector for digital development. However, the current situation reveals the need to pay closer attention to cybersecurity.