
Germany 'foils Russian plot to bomb transport network in sabotage attacks' as European spy ring is dismantled
German police have foiled an apparent Russian sabotage attack on Europe's transport networks, with four people charged with involvement in a plot to send out parcel bombs.
Three Ukrainian citizens, named as Vladyslav T, 24, his partner Lolita K, and Daniil B, 21, were arrested in Germany in connection with the operation and had their communication devices and computer storage devices seized for investigation.
A fourth individual named Yevhen B., who is believed to be the 'handler' who issued the orders to the Germany-based cohort, was detained in the Swiss canton of Thurgau and is due to appear before a judge after being transferred to Germany.
German and Swiss authorities suspect all four of being spies operating on behalf of Russia, with their alleged plan to send incendiary devices and explosives in parcel shipments reminiscent of recent sabotage attacks in Europe which the West has blamed on Moscow.
The suspects are said to have already sent two test packages containing GPS trackers to determine where the explosions could cause the most damage.
It is also believed that the alleged saboteurs planned to use the chemical thermite in incendiary devices, which can cause huge fires as it reaches temperatures of up to 2,400 degrees Celsius.
It is unclear whether the Ukrainian citizens, who were arrested in Cologne and Konstanz, were even aware of who they were working for.
Germany's BILD reported that investigators said the detainees were 'low-level agents' at the very bottom of the chain of command, according to investigative sources.
But their dastardly plan appears to fit perfectly with the established modus operandi of Russian security services in today's age of hybrid warfare in which 'handlers' recruit foreign spies - often petty criminals, drifters or financially desperate citizens - to carry out operations in a plausibly deniable manner.
According to investigators from North Rhine-Westphalia police and German security services, the alleged Russian spies had planned to send their incendiary devices via a private postal service called Nova Poshta.
Nova Poshta is a delivery service headquartered in Ukraine but with operations throughout Eastern and Central Europe and allows customers to send packages of up to 30 kilograms in weight - more than enough for small incendiary devices.
Investigators acted after receiving a tip-off to the Office for the Protection of the Constitution about Vladislav T, and began surveilling his movements in Cologne close to the apartment he shared with Lolita K.
In the course of their investigations, they also uncovered the alleged involvement of Daniil B, who was living at a refugee centre in Konstanz, and Yevhen B. in Switzerland.
Their planned operation reportedly bore all the hallmarks of another attack last July, when packages sitting in depots managed by courier company DHL in Birmingham and the German city of Leipzig suddenly erupted into flames.
At first glance the boxes, originating from Lithuania, contained a host of items that included sex toys, massage pillows and cosmetics.
Investigators soon uncovered a more troubling layer to the saga when another package, shipped from the same Lithuanian origin point, failed to detonate and was intercepted at a Polish depot.
Inside, forensic specialists discovered a crude yet effective ignition mechanism concealed within the casing of yet another erotic gadget, along with traces of an incendiary gel designed to ignite on contact with air.
Polish security services arrested four people in connection with the blazes and charged them with participating in sabotage or terrorist operations on behalf of a foreign intelligence agency.
Before long it emerged that they were suspected of involvement in a Russian-backed plot to distribute the explosive packages throughout Europe. It is suspected the incidents were test runs for a plot to target US-bound flights.
One of the alleged couriers was revealed in a recent investigation by the Guardian as Alexander Bezrukavyi, a Russian national with a criminal record and murky ties to Eastern European smuggling networks.
Bezrukavyi had vanished soon after the parcels were mailed but was eventually captured in Bosnia, where he was on the run and attempting to reach Russia using forged documents.
Bezrukavyi and his associates are believed to have been recruited via the Telegram messaging app by an account known only as 'VWarrior' that was offering hundreds of dollars for seemingly simple courier assignments.
The proposition was simple: purchase a list of items, package them and either deliver them or send them via a courier to another destination in Poland or Lithuania.
One associate of Bezrukavyi said: 'It could be true that the purpose of the parcels was sinister... We just wanted easy money, work that wouldn't involve drugs or weapons.
'It turned out to be some packages to test some f***ed up ****,' the man, who is still on the run, told the Guardian.
Had the incendiary packages reached their destinations, or worse, been loaded onto aircraft, the consequences could have been catastrophic.
Dr Samuel Ramani, an expert at leading defence and security think tank RUSI, told MailOnline that, had a package caught fire or exploded on a passenger jet to the States, an 'all-out confrontation' between Washington and Moscow may have followed.
When asked if people should be fearful of the threat posed by such operations, Dr Ramani said: 'Yes, people should be very vigilant - they should not take such a threat less seriously than ISIS or any other terror group.
'They are terrorists in the same way, very serious intent, strategic action, not just a rogue action, criminal for hire, this is a state-sponsored operation.'
Hashtags

Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles


The Sun
2 hours ago
- The Sun
Six members of Russian spy ring to have ‘too lenient' jail sentences reviewed
SIX members of a Russian spy ring are to have their jail sentences reviewed for being too lenient, we can reveal. The Bulgarians — who lived and worked in the UK — plotted sex stings, and targeted Russian dissidents and journalists critical of President Vladimir Putin 's war effort against Ukraine. 7 7 The ring included lab worker Katrin Ivanova, 33, and beauty shop owner Vanya Gaberova, 30 — dubbed 'killer sexy brunettes' by cell leaders. Ivanova got nine years and eight months and Gaberova eight years. They were both found guilty in March of breaching the Official Secrets Act by conspiring to provide information useful to an enemy between August 2020 and February 2023. Ivanova also got a concurrent sentence of 15 months for forged ID documents. All six got a total of more than 50 years last month. The Attorney General's Office has been asked to consider the sentences under the Unduly Lenient Sentence scheme. The ULS scheme allows anyone to ask for a Crown Court sentence to be assessed by the Attorney General's office if they think it is too lenient. Law officers have 28 days from sentencing to make a decision. 7 7 7 7 7


Reuters
3 hours ago
- Reuters
Filipino families flee Northern Irish home after night of anti-immigrant violence
BALLYMENA, Northern Ireland, June 11 (Reuters) - Michael Sancio, a resident of the Northern Irish town of Ballymena, said he was woken at midnight on Tuesday by masked men banging loudly on windows. Sancio, his wife and daughter, and a couple who share their house - all originally from the Philippines - grabbed their passports and a few belongings and fled their home, sleeping at a friend's house on Tuesday night. They said they plan to stay further outside the town on Wednesday because they feel unsafe at home. Hundreds of masked rioters attacked police and set homes and cars on fire in the town of 30,000 people for a second successive night on Tuesday. Police are investigating the damaging of property as racially-motivated "hate crimes". "Last night I woke up at 12 midnight because I heard some people outside, and I saw in the window, I saw the other guys wearing a black jacket and black pants, and also they're wearing a mask," Sancio, 27, told Reuters on Wednesday. "They started banging the window of our neighbours so I panicked because I have a daughter inside that house." The rioters smashed the windows of the couple's car that was parked outside the house and set it and a bin on fire, said Sancio, who works at a local bus manufacturer. The violence erupted after two 14-year-old boys were arrested and appeared in court, accused of a serious sexual assault on a teenage girl in Ballymena, a town with a relatively large migrant population located 28 miles (45 km) from Belfast. The charges were read via a Romanian interpreter to the boys, the BBC reported, adding that the lawyer told the court that they denied the charges. Anti-migrant violence is rare in Northern Ireland, which for decades has been more familiar with sectarian violence between resident Catholics and Protestants, including in Ballymena. While a 1998 peace deal largely ended the three decades of bloodshed between Protestants who want to remain under British rule and Catholics favouring a united Ireland, there are still sporadic clashes. Sancio said the masked men told them that they were not targeting Filipino people. Around Ballymena, Filipino residents put stickers of British and Filipino flags on their doors, with messages saying "Filipino lives here" to show they were not Romanian. Union Jack flags regularly fly in the largely pro-British town. Democratic Unionist Party councillor Lawrie Philpott told Reuters that some people who usually don't fly flags had hung Union Jacks outside their homes this week to show they are local. Around 6% of people in Northern Ireland were born abroad, according to government statistics. The foreign-born population in Ballymena is higher, in line with the UK average of 16%, and includes a relatively large Filipino community. Northern Ireland has been broadly welcoming to migrants but that has been tested recently. Violent disorder erupted in Belfast last August as part of anti-immigration protests that swept across several UK cities following the murder of three young girls in northwest England. In the Republic of Ireland, rioting broke out in Dublin in late 2023 during anti-immigrant protests that were triggered by a stabbing attack that left a child seriously injured. Sian Mulholland, a local lawmaker from the Alliance Party, said she was fielding calls from migrant families who in some cases had barricaded themselves into their homes until 0230 on Wednesday morning. "I had been engaging with this community beforehand because the houses they are living in are not fit for purpose. They're (living in) squalor," she told Reuters. Sancio's wife, Mariel Lei Odi, was working a night shift on Tuesday. When she returned home, she was worried about the safety of their two-year-old daughter, she said. "When I (came home to) my husband and chatted about what happened last night: (I said) 'my daughter, my daughter, my daughter. What happened?'," she said. Michael Asuro, who lives in the house with his wife, Jessa Sagarit, said he came to Northern Ireland just under two years ago to seek a better life. Sagarit said she felt traumatised by the events. Police have said they are braced for more violence on Wednesday. As residents boarded up broken windows and doors in Ballymena, the Filipino families wondered about their future and whether they will stay. "We feel extreme fear," Asuro said.


The Independent
4 hours ago
- The Independent
With retail cyberattacks on the rise, customers find orders blocked and and empty shelves
A string of recent cyberattacks and data breaches involving the systems of major retailers have started affecting shoppers. United Natural Foods, a wholesale distributor that supplies Whole Foods and other grocers, said this week that a breach of its systems was disrupting its ability to fulfill orders — leaving many stores without certain items. In the U.K., consumers could not order from the website of Marks & Spencer for more than six weeks — and found fewer in-store options after hackers targeted the British clothing, home goods and food retailer. A cyberattack on Co-op, a U.K. grocery chain, also led to empty shelves in some stores. Cyberattacks have been on the rise across industries. But infiltrations of corporate technology carry their own set of implications when the target is a consumer-facing business. Beyond potentially halting sales of physical goods, breaches can expose customers' personal data to future phishing or fraud attempts. Here's what you need to know. Cyberattacks are on the rise overall Despite ongoing efforts from organizations to boost their cybersecurity defenses, experts note that cyberattacks continue to increase across the board. In the past year, there's also been an 'uptick in the retail victims" of such attacks, said Cliff Steinhauer, director of information security and engagement at the National Cybersecurity Alliance, a U.S. nonprofit. 'Cyber criminals are moving a little quicker than we are in terms of securing our systems," he said. Ransomware attacks — in which hackers demand a hefty payment to restore hacked systems — account for a growing share of cyber crimes, experts note. And of course, retail isn't the only affected sector. Tracking by NCC Group, a global cybersecurity and software escrow firm, showed that industrial businesses were most often targeted for ransomware attacks in April, followed by companies in the 'consumer discretionary' sector. Attackers know there's a particular impact when going after well-known brands and products that shoppers buy or need every day, experts note. 'Creating that chaos and that panic with consumers puts pressure on the retailer,' Steinhauer said, especially if there's a ransom demand involved. Ade Clewlow, an associate director and senior adviser at the NCC Group, points specifically to food supply chain disruptions. Following the cyberattacks targeting M&S and Co-op, for example, supermarkets in remote areas of the U.K., where inventory already was strained, saw product shortages. 'People were literally going without the basics,' Clewlow said. Personal data is also at risk Along with impacting business operations, cyber breaches may compromise customer data. The information can range from names and email addresses, to more sensitive data like credit card numbers, depending on the scope of the breach. Consumers therefore need to stay alert, according to experts. 'If (consumers have) given their personal information to these retailers, then they just have to be on their guard. Not just immediately, but really going forward," Clewlow said, noting that recipients of the data may try to commit fraud 'downstream.' Fraudsters might send look-alike emails asking a retailer's account holders to change their passwords or promising fake promotions to get customers to click on a sketchy link. A good rule of thumb is to pause before opening anything and to visit the company's recognized website or call an official customer service hotline to verify the email, experts say. It's also best not to reuse the same passwords across multiple websites — because if one platform is breached, that login information could be used to get into other accounts, through a tactic known as 'credential stuffing.' Steinhauer adds that using multifactor authentication, when available, and freezing your credit are also useful for added lines of defense. Which companies have reported recent cybersecurity incidents? A range of consumer-facing companies have reported cybersecurity incidents recently — including breaches that have caused some businesses to halt operations. United Natural Foods, a major distributor for Whole Foods and other grocers across North America, took some of its systems offline after discovering 'unauthorized activity' on June 5. In a securities filing, the company said the incident had impacted its 'ability to fulfill and distribute customer orders." United Natural Foods said in a Wednesday update that it was 'working steadily' to gradually restore the services. Still, that's meant leaner supplies of certain items this week. A Whole Foods spokesperson told The Associated Press via email that it was working to restock shelves as soon as possible. The Amazon-owned grocer's partnership with United Natural Foods currently runs through May 2032. Meanwhile, a security breach detected by Victoria's Secret last month led the popular lingerie seller to shut down its U.S. shopping site for nearly four days, as well as to halt some in-store services. Victoria's Secret later disclosed that its corporate systems also were affected, too, causing the company to delay the release of its first quarter earnings. Several British retailers — M&S, Harrods and Co-op — have all pointed to impacts of recent cyberattacks. The attack targeting M&S, which was first reported around Easter weekend, stopped it from processing online orders and also emptied some store shelves. The company estimated last month that the it would incur costs of 300 million pounds ($400 million) from the attack. But progress towards recovery was shared Tuesday, when M&S announced that some of its online order operations were back — with more set to be added in the coming weeks. Other breaches exposed customer data, with brands like Adidas, The North Face and reportedly Cartier all disclosing that some contact information was compromised recently. In a statement, The North Face said it discovered a 'small-scale credential stuffing attack' on its website in April. The company reported that no credit card data was compromised and said the incident, which impacted 1,500 consumers, was 'quickly contained.' Meanwhile, Adidas disclosed last month that an 'unauthorized external party' obtained some data, which was mostly contact information, through a third-party customer service provider. Whether or not the incidents are connected is unknown. Experts like Steinhauer note that hackers sometimes target a piece of software used by many different companies and organizations. But the range of tactics used could indicate the involvement of different groups. Companies' language around cyberattacks and security breaches also varies — and may depend on what they know when. But many don't immediately or publicly specify whether ransomware was involved. Still, Steinhauer says the likelihood of ransomware attacks is 'pretty high' in today's cybersecurity landscape — and key indicators can include businesses taking their systems offline or delaying financial reporting. Overall, experts say it's important to build up 'cyber hygiene" defenses and preparations across organizations. 'Cyber is a business risk, and it needs to be treated that way," Clewlow said.