Sign in / up

back to article Russia finally bites the cybercrooks it raised, arresting suspected Meduza infostealer devs

Russia's Interior Ministry says police have arrested three suspects it believes helped build and spread the Meduza infostealer. A statement issued by spokesperson Irina Volk via the Ministry's Telegram channel on Thursday included video footage of all three arrests of men described as "young IT specialists" who are alleged to …

COMMENTS

Post your comment
House rules Send corrections
Add to 'My topics' unstar *
  1. elsergiovolador Silver badge

    Translation

    Translation from official Russian into plain English

    Translation table:

    "Arrested" = theatrically reassigned to quieter duties, or quietly folded into state projects

    "Young IT specialists" = professional hackers who are useful when they are useful and inconvenient when they are not

    "Seized devices, bank cards and other items" = props for the video, plus evidence that may or may not be handed back later with thanks

    "Developed and distributed another type of malicious software" = produced things the state would prefer remain private, or sold services someone else later regretted buying

    "Attack on an organisation in Astrakhan" = convenient excuse that happened at a time of the state’s choosing

    "Longstanding understanding" = implicit contract: don’t bite the domestic hand unless the hand needs a lesson

    "Governance of the market" = you pay for protection, or you learn how effective a sledgehammer is

    17 2 Reply
    1. collinsl Silver badge
      Reply Icon

      Re: Translation

      To an extent, yes. Most of these people are genuine hackers with genuine stolen property, as the article says as long as you work for the state when they ask and grease the palms of local officials sufficiently then you will be left alone.

      However, theatrical arrests if/when you screw up or become a thorn in the side of the state (or just if they want to sacrifice one group to cow the others) will usually be legitimate, if heavy-handed. The crime will be as correctly processed as Russian police can manage (there is after all a wealth of evidence the state is already aware of which they can bury you under) and the judge will have perfectly legitimate and reasonable grounds to sentence you (as the government want) to tens of years of incarceration in a penal colony - which one you end up in depends on how bad you've been and what krysha (roof) you have/had. In Russia who protects your criminal enterprise (provides your "roof") is very important and influences you entire life as a criminal. This may be a local crime boss, a national or international drugs gang, or in some cases the state itself or functionaries within.

      So you may end up in a minimum security camp run by a criminal enterprise or drugs gang (ostensibly the state is in charge but the penal officers will be creatures of the gang) where who you know affects how you will be treated inside, or you may end up in a maximum security colony in Siberia actually run by the state where you will experience extremely harsh treatment to make a point to the others outside (this is the kind of place Alexei Navalny was murdered in - either by being directly poisoned or via neglect of his health due to being previously poisoned or just good old fashioned starvation/nutritional deficiency etc.

      0 0 Reply
  2. DS999 Silver badge

    There are two possibilities here

    1) the government tried to "recruit" them to target who Putin tells them to target and they had the audacity to refuse

    2) they are supposed to be paying "protection" money to have authorities look the other way and those authorities believe they are lying about how much they're making and underpaying

    I suppose technically there's a third possibility that they have been attacking Russian state interests, but if they were doing that it seems more likely they'd simply disappear.

    13 2 Reply
    1. Like a badger Silver badge
      Reply Icon

      Re: There are two possibilities here

      "I suppose technically there's a third possibility that they have been attacking Russian state interests, but if they were doing that it seems more likely they'd simply disappear."

      No, if it is as simple as being punished for attacking Russian interests then they can't disappear, they have to be made an example of so that all the other cybercrims get the message. So falling out of a window has always been popular, a simple, innocent death in custody, or a twenty year sentence in a penal colony.

      6 0 Reply
      1. Jellied Eel Silver badge
        Reply Icon

        Re: There are two possibilities here

        No, if it is as simple as being punished for attacking Russian interests then they can't disappear, they have to be made an example of so that all the other cybercrims get the message.

        That's normally how crime & punishment works. Can't do the time? Don't do the crime and all that. But there are other simpler, less paranoid explanations. Russian cybercriminals attack systems inside Russia, Russian LEAs can investigate. Attack systems outside Russia, and.. what can they do? Much harder to detect and investigate, especially as sanctions included ending LEA & intelligence sharing. So maybe Russians hack a UK system. UK LEAs could produce an evidence package & lob it over to Russian prosectutors who could then arrest and charge. If prosecutors don't have that evidence, then they can't, and of course there's also non-extradition so Russian suspects couldn't be prosecuted in UK, US etc courts.

        1 12 Reply
        1. Casca Silver badge
          Reply Icon

          Re: There are two possibilities here

          Always defending russia. Its amusiing how you keep it up. But mostly pathetic

          3 1 Reply
    2. Blazde Silver badge
      Reply Icon

      Re: There are two possibilities here

      In the wider context the recruitment trend seems more plausible than any financial benefits, which would be quite insignificant by comparison even to Russia's very stretched state budget. The authorities have to have woken up to the fact that cybercrime groups targetting Western companies, causing sometimes immense damage, is entertaining from a patriotic point of view but doesn't help them at all in Ukraine and that's surely their most important goal right now. It may even be counter-productive because it helps increase global concerns about Russia's rogue status and politically ease costly Western support for Ukraine.

      Ideally you'd want all your skilled cyber operatives working most of their hours on tasks directly beneficial to the war, and only a few hours on actual crime just so that you have some fresh kompromat to control them and so you can pretend it's a mutually beneficial contract. Inevitably some examples have to be made from time to time but the logic of when and who doesn't need to be particularly just.

      5 0 Reply
  3. lglethal Silver badge
    Go

    The cynic in me says the focus on monetary operations comes down purely to Putin needing cash for his war.

    So let a marketplace rise up, get to a peak, and then shut it down and confiscate all the cash & crypto involved. Rinse and repeat.

    The other crims need a marketplace to trade in their gains, so there will always be someone else ready to step up and create the next one. Wait a year or 18 months, and you can do it all over again...

    3 0 Reply

POST COMMENT House rules

Not a member of The Register? Create a new account here.

Forgotten password ?

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon