Hackers Honeytrap Russian Troops Into Sharing Location, Base Bombed: Report
Ukrainian hackers have been baiting Russian troops into sharing their locations with fake profiles of conventionally attractive women on Facebook and Russian social media websites, according to the Financial Times.
The newspaper ran an interview with Ukrainian hacker Nikita Knysh, whose cyber security company HackControl—nicknamed Hackyourmom—has launched a cyber war on Russia since the beginning of the country’s invasion of Ukraine on February 24, recruiting high-level and low-level Ukrainian hackers into his group.
Knysh said his group has been able to hack Russian television stations to promote pro-Ukrainian messages as well as hack thousands of security and traffic cameras in Belarus and occupied parts of Ukraine to obtain information about the movement of the Russian military.
While the FT couldn’t verify all claims, the material received by the newspaper from government officials and hackers backs up some of Knysh’s claims.
Among the hacking feats Knysh claims responsibility for, is the honeytrapping of Russian troops using fake profiles of conventionally attractive women on Facebook and Russian social media websites. According to Knysh, hackers used the fake profiles to catfish Russian troops and trick them into sending photos which the hackers then geolocated and shared with the Ukrainian military.
“The Russians, they always want to f***,” Knysh told the FT. “They send [a] lot of s*** to ‘girls,’ to prove that they are warriors.”
Fake profiles using the photos of conventionally attractive women as a front have also been found to be used by the Kremlin to spread pro-Russian propaganda surrounding the war.
In a report published in July, the Institute for Strategic Dialogue (ISD), an independent think tank focused on disinformation, hate and extremism, identified 10 Twitter accounts which used photos of beauty and fashion influencers to entice audiences in the Middle East and North Africa.
The accounts—which pretended to be managed by women in the Kremlin diplomatic or media corps writing in Arabic—had a combined base of almost 360,000 followers. ISD Executive Director for Africa, the Middle East and Asia, Moustafa Ayad, who wrote about the report, said male audiences “eat up” the content shared by the fake accounts.
“The pro-Kremlin women of Arabic-speaking Twitter are not just shilling for the state, they are also primping propaganda,” Ayad said.
But while the Russian fake profiles promoted fervent nationalism and anti-Western stances, spreading the Kremlin’s propaganda well outside of Russia’s border, the fake profiles used by Ukrainian hackers had an immediate impact on the unfolding war.
Knysh said his team helped identify a Russian military base near the occupied city of Melitopol in southern Ukraine, which was then blown up by Ukrainian artillery.
“My first thought was—I am effective, I can help my country,” Maxim, a member of Knysh’s team, told the FT. “Then, I realized, I want more of this—I want to find more bases, again and again.” Ukraine’s armed forces refused to discuss the role of hackers in the attack on the Russian base.
It’s not the first time Russians have given away their location to Ukraine’s forces.
A Russian base in Popasna, in the eastern Luhansk region, was blown up by Ukrainian HIMARS on August 14 after Russian war correspondent Serhiy Sreda visited the base on August 8, according to unconfirmed reports by Ukrainian media outlet Hromadske.
According to reports, Sreda published a photo showing Russian paramilitary force the Wagner Group had set up a base in a residential building, referring to it as the group’s “headquarters.” One of the photos showed a sign with the address of the nearest bomb shelter, Myronivska Street, 12.
The Wagner PMC Telegram channels have confirmed that the paramilitary group suffered an attack.
Suggest an edit to this article
Go to Cybersecurity Knowledge Base
Got to the Latest Cybersecurity News
Stay informed of the latest Cybersecurity trends, threats and developments. Sign up for our Weekly Cybersecurity Newsletter Today.
Remember, CyberSecurity Starts With You!
- Globally, 30,000 websites are hacked daily.
- 64% of companies worldwide have experienced at least one form of a cyber attack.
- There were 20M breached records in March 2021.
- In 2020, ransomware cases grew by 150%.
- Email is responsible for around 94% of all malware.
- Every 39 seconds, there is a new attack somewhere on the web.
- An average of around 24,000 malicious mobile apps are blocked daily on the internet.
- Voice ID: How Secure is it Really? - 2 March 2023
- Enterprise users infected by RIG Exploit Kit thanks to Internet Explorer - 27 February 2023
- Google Open-Source Vulnerability Scanning Tool - 18 February 2023