Ukrainian cyber police have arrested a 28-year-old man for running a large-scale virtual private network (VPN) service that allowed users within Ukraine to bypass restrictions and access the Russian internet, known as Runet.
The service enabled users, including those in Russian-occupied territories and Russian sympathizers, to evade Ukraine’s sanctions, which ban access to Russian online platforms and domains.
Runet includes Russian government sites, social media, and news platforms that the Russian government heavily controls and monitors. Ukraine’s National Security and Defense Council (NSDC) has prohibited access to these sites since the Russian invasion, and Ukrainian internet service providers block these platforms.
The VPN service, established after the invasion, provided access to over 48 million Runet IP addresses and handled more than 100 gigabytes of network traffic daily. Ukrainian authorities believe Russian intelligence may have had access to the VPN’s user data, raising concerns about national security.
The operator of the VPN, described as a self-taught hacker from Khmelnytskyi, faces charges under Ukraine’s criminal code, which could lead to a prison sentence of up to 15 years. The police seized server equipment, computers, and mobile phones during raids in Khmelnytskyi and Zhytomyr and are now analyzing the data to uncover potential accomplices or links to Russian intelligence.
The service was promoted on Telegram and other online platforms, with the hacker presenting himself as a developer. He managed the VPN from his home and rented servers across Europe and Russia, allowing seamless access to Russian-controlled networks. This case highlights the ongoing cyber challenges Ukraine faces in its efforts to secure its digital borders during the conflict with Russia.
