Ukraine police arrest hacker for operating illegal VPN service to access sanctioned Russian sites

Ukrainian law enforcement has arrested a local hacker who allegedly operated a large virtual private network (VPN) service allowing users to access Russian websites sanctioned in Ukraine.

The 28-year-old man is accused of setting up a VPN server room in his apartment in the western Ukrainian city of Khmelnytskyi. He also rented servers located in Germany, France, the Netherlands and Russia, “giving the enemy’s special services access to information about all users of the VPN,” Ukrainian cyber police said in a statement on Thursday.

The suspect advertised his service on his own Telegram channels, hacker forums, and an unnamed “world-famous IT platform,” where he positioned himself as a project developer and was targeting “like-minded people.”

His VPN service allowed users to access more than 48 million IP addresses of the Russian segment of the internet — the so-called Runet. According to investigators, the daily volume of the service’s network traffic exceeded 100 gigabytes.

Runet encompasses websites, social media, and other online platforms developed and hosted in Russia. It is believed to be state-regulated, with the Russian government attempting to protect its domestic services from “foreign influence.”

In 2017, Ukraine imposed sanctions on several widely used Russian services, including VKontakte, Yandex, and Mail.Ru. Since the Russian invasion of Ukraine, the local government has extended that list, so websites with “.ru” domains cannot be accessed from within Ukraine without a VPN.

The self-taught hacker from Khmelnytskyi could face up to 15 years in prison for creating a service to violate those restrictions..

Police are currently analyzing information from the suspect’s seized devices to identify his accomplices “and the sources of funding for his business.” It is possible the hacker worked on behalf of Russian special services, police said.