Infostealer operation attributed to 18-year-old threat actor linked to 28,000 compromised accounts
Updated:
· First: 21.05.2026 00:36
· 📰 1 src / 1 articles
An 18-year-old individual from Odesa, Ukraine, has been identified by national cyberpolice and U.S. law enforcement as the operator of an infostealer malware campaign conducted between 2024 and 2025. The threat actor targeted users of a California-based online store, infecting devices to harvest browser sessions, credentials, and payment data. Stolen session tokens allowed bypass of multi-factor authentication in some cases, enabling account takeover. The operation resulted in the compromise of 28,000 customer accounts, with 5,800 exploited for unauthorized purchases totaling approximately $721,000. Direct financial losses, including chargebacks, amounted to $250,000.