Russia impersonating Ukraine's security service to recruit saboteurs, SBU warns
Russian intelligence operatives are impersonating Ukraine's Security Service (SBU) in an expanded effort to recruit Ukrainian civilians for sabotage operations, the SBU said June 5.
The new tactic, described by the agency as a 'false flag' operation, involves contacting Ukrainian citizens while posing as SBU officials conducting official inquiries. The SBU said this marks a notable escalation and shift in Russia's recruitment strategy.
"This is a so-called special operations technique known as 'false flag,' which has not been used by Russian invaders until now, but which they are actively trying to apply now," the agency said in a statement.
According to the SBU, targeted individuals typically receive messages via instant messaging apps, instructing them to report to an 'SBU investigator' regarding fabricated criminal charges.
That 'assistance,' however, comes with strings attached. Victims are pressured into carrying out tasks ranging from surveillance and courier duties to transferring funds. In more serious cases, they are asked to purchase chemicals for explosive devices, set fire to Ukrainian military vehicles or conduct sabotage against government buildings.
"In some cases, Russian curators also demand that malicious software be installed on the victim's phone, allowing them to monitor activity and location in real time," the SBU statement said.
While earlier recruitment efforts focused largely on teenagers, the SBU warned that elderly Ukrainians are now increasingly being targeted. The agency said it has disrupted several of these operations in recent weeks but did not provide specific examples.
Since the start of Russia's full-scale invasion, Ukrainian officials say the Kremlin has stepped up intelligence-gathering and subversive activity inside Ukraine, with particular focus on coercing civilians into supporting reconnaissance and sabotage efforts.
Read also: Putin rejects Zelensky's call for peace talks, accuses Ukraine of deadly bridge attack in Russia
We've been working hard to bring you independent, locally-sourced news from Ukraine. Consider supporting the Kyiv Independent.
Hashtags
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
New York Times
10 minutes ago
- New York Times
Canada coach Jesse Marsch condemns U.S. treatment, ‘lack of respect' for Ukraine
Canada men's national team coach Jesse Marsch offered his support for Ukraine and the Ukrainian national team on Friday while also taking aim once again at United States President Donald Trump. 'As an American, the treatment that we have given the President of the Ukraine and the lack of respect really bothers me. Without having to know what it's like to go through something like what these players, this coach and this federation has been through, I am just really excited to be able to show our support,' Marsch said in his opening remarks at a Friday morning event with the Canada Ukraine Foundation. Advertisement Marsch is likely referencing a tense and fiery exchange between Trump and Ukraine President Volodymyr Zelenskyy on Feb. 28 that made global headlines. Marsch has previously taken aim at Trump, saying in February that Trump should 'lay off the ridiculous rhetoric about Canada being the 51st state; as an American, I'm ashamed of the arrogance and disregard we've shown one of our historically oldest, strongest and most loyal allies.' Due to the Russian invasion, the Ukrainian national team is required to play its matches in neutral venues. 'If you think about the challenges that the players from Ukraine have been through, they haven't played a home match in several years, they've had to play World Cup qualifiers on foreign soil, they've had players playing professionally and internationally with the concern of the safety of their country and their family and their friends,' Marsch said. 'In general, the ability for us to have empathy and sympathy for everything that their team, their nation, their team, their players have gone through is really important at a time like this.' Ukraine's upcoming home matches in UEFA Group D of 2026 World Cup qualification do not yet have a location. 'As the Canadian national team coach, to show how much we are behind them, we are with them, that we want to do everything we can,' Marsch said, noting that one of the beauties of international football is that it 'can take on so much more than what the sport is.' Ukraine is in Toronto to play Canada in the Canadian Shield friendly tournament on Saturday. Ukraine will play its second match of the Canadian Shield friendly tournament on Tuesday against New Zealand, while Canada plays Ivory Coast also on Tuesday. 'It's really a pleasure and an honour to show that friendship and respect are at the core of everything we try to do in this sport,' Marsch said.
CNN
23 minutes ago
- CNN
Ian Bremmer: we've not seen full extent of Putin's retaliation for drone strike
Eurasia Group President Ian Bremmer tells CNN's Wolf Blitzer that Putin is not done with his retaliation for Ukraine's devastating drone strike against Russian military airfields.
Tom's Guide
40 minutes ago
- Tom's Guide
New AT&T data leak links previously exposed info to Social Security numbers, birth dates
In a trend that absolutely no one wants to get behind, another older data leak has been paired with additional customer information to get re-released as a new data leak to expose even more customer info and personal details. As reported by BleepingComputer, an old 2021 AT&T data leak which contained millions of phone numbers has been linked with Social Security numbers and birth dates of the individual users. The company has stated that cybercriminals will commonly repackage previously disclosed data for financial aim, which is what they believe is happening here, and that when they learned of the data going up for sale on the dark web they began a full investigation. While the threat actor who leaked the data onto a popular Russian-speaking hacking forum claimed it was the data stolen during the 2024 AT&T 'Snowflake' cyberattack, which is what was initially reported by HackRead. However, after BleepingComputer analyzed the exposed information, the news outlet determined it was actually from the 2021 data leak which was caused by a hacker dubbed 'ShinyHunters.' This is not the first time the 2021 ShinyHunters data has been leaked or even linked to additional personal information. For instance last year, the data was leaked along with names, addresses, mobile phone numbers, encrypted date of birth, encrypted Social Security numbers and more. This leak has cleaned up that data to remove internal AT&T information and added the unencrypted Social Security numbers and dates of birth to each customer record. There are reportedly over 86 million unique records of this nature, with more than 48 million unique phone numbers that have associated customer information. This is due to customers having multiple records with the same phone number being used at different addresses. Not sure if you were one of the customers affected by these breaches? At this point, if you're an AT&T customer, you should be taking steps to see if you've been affected and then to lock down your own data in order to keep yourself safe. Get instant access to breaking news, the hottest reviews, great deals and helpful tips. As with all data breaches, the biggest threat will be phishing attacks and online fraud. Now that hackers can easily figure out your identity, they might try to reach out to you posing as AT&T. That means you'll need to be extra careful when checking your inbox and messages. Avoid clicking on links or downloading attachments from unknown senders as hackers often set up fake pages to steal your credentials, credit card data and other sensitive info. For this reason, you want to go directly to AT&T's page instead of clicking on any links on search results, social media or even ads that claim to take you to it. If you haven't signed up for one of the best identity theft protection services, now might be a good time to look into them. You can also consider putting fraud alerts on your files with the Big Three credit-reporting agencies Equifax, Experian and TransUnion, and even instituting a credit freeze (although doing so can complicate getting a loan or opening new payment accounts). This 2021 data leak seems to be the gift that keeps on giving for hackers, so I wouldn't be surprised if this stolen info is used in future attacks. Don't worry though as we'll be keeping a close eye on this one.
