A Clever Ploy: Ukrainian Cyber Team Tricks Russian Forces
It seems that the Ukrainian cyber warfare unit developed a cunning strategy to extract sensitive data from Russian soldiers. They achieved this by setting up a counterfeit registration service for a popular satellite internet service.
The Ukrainian team, known as the 256th Cyber Assault Division, worked in collaboration with open-source intelligence groups. Together, they developed a network of channels and bots on a popular messaging app that appeared to assist Russian soldiers in registering their internet terminals with a Ukrainian whitelist.
A Deceitful Trick
However, this was all a ruse. The channels were actually managed by the Ukrainian forces. The unsuspecting soldiers, thinking they were getting help, sent their location and terminal data to the Ukrainian forces instead.
This incident offers another glimpse into how warfare operations have expanded into the realm of social media. It also highlights attempts by Russian forces to bypass a block on the satellite internet service by paying Ukrainian civilians to register terminals for them.
The internet service provider had previously cut off connections in Ukraine, only allowing terminals registered with the Ukrainian government to continue receiving service. This drastic measure was taken following several instances where Russian forces were found purchasing terminals from the black market to operate attack drones and establish battlefield communications.
Russian Dependence
Despite Russia downplaying the impact of this region-wide block on their operations, Ukrainian officials argue that the Russian soldiers' attempts to register terminals show their reliance on the American-based service.
The 256th Division saw this as an opportunity to interact with the Russian soldiers. They took advantage of the soldiers' desperation to restore their internet connection and gathered crucial information in the process.
The Trap is Set
In the conversation screenshots shared by the division, the messaging app bots asked the soldiers for details about their internet terminals. The soldiers seemingly shared information like terminal ID numbers, satellite dish numbers, account numbers, and their geographical coordinates.
The 256th Division claimed it gathered over 2,000 data entries on the Russian internet terminals and their precise locations. They also received almost $6,000 from the Russian troops who paid for the bogus service.
The division also reported that some Ukrainians approached their network, looking for ways to assist Russians in registering their terminals.
The Operations Unfold
A Ukrainian-European intelligence group played a supporting role in the operation by pretending to complain about channels that were supposedly assisting Russians with internet terminal registration.
The group had previously drawn attention to a channel named "russian_starlink", which was rapidly gaining popularity but hadn't been blocked by Ukrainian authorities. This was actually part of their strategy to lure Russian military personnel deeper into their trap.
Another Ukrainian intelligence group labelled the initiative as "Operation Self-Liquidation". They ominously hinted at sending 155mm artillery shells to the coordinates provided by the Russian soldiers.
The data gathered was reportedly sent to an advisor on drone logistics and technology for Ukraine's defense ministry. The operation's intended effect was achieved, indicating that this deceptive operation has concluded.