Ukraine probes teen suspect in cyber theft scheme targeting California online shoppers
The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine's Prosecutor General said.
Ukrainian authorities have identified an 18-year-old suspect allegedly linked to an international cybercrime operation that compromised nearly 30,000 customer accounts and targeted users of a U.S.-based online retailer, officials said.
The investigation began after U.S. authorities informed their Ukrainian counterparts that hackers operating from Ukraine could be involved in attacks targeting users of American e-commerce platforms, Ukraine's Prosecutor General said in a statement on Wednesday.
According to investigators, the group gained unauthorized access to tens of thousands of customer accounts belonging to an unnamed online retailer in California between 2024 and 2025.
Source: https://therecord.media/ukraine-probes-teen-suspect-cyber-theft-scheme
Related breach coverage
- Authorities arrest 23-year-old accused of running the Kimwolf botnet2026-05-22
Canadian authorities arrested a 23-year-old Ottawa man accused of running the Kimwolf DDoS botnet. The US is now seeking extradition. US authorities have charged 23-year-old Jacob Butler (aka “Dort”), an Ottawa resident, for allegedly operating the recently disrupted Kimwolf botnet. Authorities arrested the suspect in Canada, he could face up to 10 years in prison […]
- Ghostwriter Is Back, Using a Ukrainian Learning Platform as Bait to Hit Government Targets2026-05-23
Ghostwriter targeted Ukrainian government agencies with phishing emails delivering malware and Cobalt Strike payloads. The Belarus-nexus APT group Ghostwriter (also tracked as UAC-0057 and UNC1151) has resurfaced with a new phishing campaign targeting Ukrainian government organizations. This time the lure is Prometheus, a legitimate Ukrainian online learning platform that many government employees actually use. Using […]
- Pwn2Own Berlin 2026, Day One: $523,000 paid out, AI products fall2026-05-15
Pwn2Own Berlin 2026 day one saw 22 entries and 24 zero-days across major software, with researchers earning $523,000 in total rewards. Day one of Pwn2Own Berlin 2026 featured 22 entries targeting widely used technologies, including browsers, operating systems, AI platforms, and NVIDIA infrastructure. By the end of the day, researchers demonstrated 24 unique zero-day vulnerabilities […]
- CVE-2026-9082: Drupal’s Highly Critical SQL Injection Flaw Is Already Under Active Attack2026-05-23
Attackers began exploiting Drupal SQL injection flaw CVE-2026-9082 within 48 hours of patch release. Drupal issued a highly critical security patch on May 20 for CVE-2026-9082, a SQL injection vulnerability that allows unauthenticated attackers to compromise sites running PostgreSQL databases. The project maintainers warned ahead of the release that exploits could surface within hours or […]