A Ukrainian intelligence service published a series of what it said are intercepted conversations between two hackers working for Russia’s Federal Security Service, or FSB.
Ukraine’s Security Service published the conversations on its official YouTube channel on Thursday. The video purportedly shows several conversations—labelled as “episodes”—between two FSB counterintelligence agents in Crimea, Chernyk Mykola Serhiiovych and Skilianko Oleksandr Mykolaiovich.
Some of them are mundane, such as a brief discussion on COVID tests and salaries, bonuses, and a “dress reimbursement.” Others specifically refer to hacking operations against Ukrainian government bodies.
“While he is still online, we are able to steal this crypto container from him,” Chernyk says, referring to an incident in which the hackers developed unique code to steal data, according to the video.
In another “episode,” Chernik tells Skilanko that “at this very moment I’m stealing (the data) from his drives.”
“There’s a couple of interesting things here,” Skilianko responds.
Ukraine’s authorities routinely post videos of operations where they arrest ransomware hackers, but it’s notable that it doxed and shared recorded conversations between counterintelligence agents working for another government. Ukrainian spies are effectively sending a message to its counterparts in Russia: not only we know what you are doing, but we can literally hear what you say.
Do you have more information about a ransomware incident or a ransomware gang? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email email@example.com
Ukraine’s Security Service and the Russian embassy in Washington D.C. did not immediately respond to a request for comment.
In the last few years, Russia and Ukraine have been clashing on the border near the city of Donetsk. They also have been fighting online, with alleged Russian government hackers turning off the lights in some regions of Ukraine on two different occasions, as well as launching a destructive cyberattack that spilled all over the world.
This post has been read 17 times!