A high-profile Ukrainian cybersecurity official who was fired from his position last week was detained on Monday for his alleged involvement in an embezzlement scheme.
Viktor Zhora, the ex-deputy head of Ukraine’s State Service for Special Communications and Information Protection (SSSCIP) will be held in pretrial detention for two months with bail set at $276,000, according to Ukraine’s anti-corruption court.
Zhora is accused of facilitating a corruption scheme involving the procurement of software for SSSCIP. According to Ukraine’s anti-corruption agency (NABU), Zhora and five other suspects embezzled $1.72 million between 2020 and 2022 by fraudulently classifying the procurements.
One of the suspects, former head of SSSCIP Yurii Shchyhol, was released from detention on Friday on $700,000 bail. He is now prohibited from communicating with witnesses or other suspects, must surrender his passport for international travel, and is obligated to wear an electronic bracelet.
In a pretrial court hearing last week, investigators said that they discovered the supposed correspondence of the suspects on Zhora’s phone on the Threema messenger — a Swiss messaging service used by the military in Switzerland and state officials in various other countries, including Ukraine.
The suspects used coded language and pseudonyms for communication. They referred to SSSCIP as “kolkhoz” (which means “collective farm” in Russian); Shchyhol used the pseudonym “Bird” (probably because his surname means “goldfinch” in Ukrainian), and Koval was dubbed “Yoda.”
The messages obtained by the detectives revealed that the software in question was allegedly developed by the U.S.-based tech company EPAM Systems and that it was procured through intermediary companies linked to Ukrainian businessman Roman Koval, who is suspected to be the mastermind behind the scheme.
Koval is Zhora’s ex-business partner. The Ukrainian anti-corruption agency alleges that Koval used his connections at SSSCIP to appoint “a loyal person” as the deputy head of the agency to oversee procurement.
Recorded Future
Intelligence Cloud.
No previous article
No new articles
Daryna Antoniuk
is a freelance reporter for Recorded Future News based in Ukraine. She writes about cybersecurity startups, cyberattacks in Eastern Europe and the state of the cyberwar between Ukraine and Russia. She previously was a tech reporter for Forbes Ukraine. Her work has also been published at Sifted, The Kyiv Independent and The Kyiv Post.
