In Moscow, fraudsters were uncovered who were intercepting SMS messages for embezzlement purposes
In the first half of 2025, Russia has seen a surge in cybercrime, with a significant increase in remote fraud cases. The Department for Combating the Illegal Use of Information and Communication Technologies (UBK) of the Ministry of Internal Affairs (MVD) has documented the activities of an organized criminal group, leading to the arrest of three of its members.
The criminal group, which operates across multiple regions in Russia, used malicious software they developed to intercept other people's SMS messages. This malicious activity forms part of a broader pattern of cyber and psychological warfare and criminal activity, but the exact scale of such activities in Russia is not fully detailed in available sources.
Evidence suggests that state actors in Russia have been intercepting data from phones near conflict zones, such as Ukrainian soldiers, to send threatening SMS messages to their families as psychological warfare. This demonstrates a state-level use of intercepted SMS data to demoralize opponents.
Globally, organized criminal groups are increasingly using malicious SMS blasting and phishing techniques via devices like SMS blasters. While these reports do not single out Russia, the trend shows that cybercrime gangs across regions exploit SMS interception or spoofing tools.
In Russia, phishing campaigns and spyware malware techniques targeting healthcare and IT sectors have been reported, involving the interception of sensitive information including SMS messages, as part of cyberespionage and criminal activity. There have also been reports of malicious apps that intercept SMS messages and record screens to steal sensitive data, although instances cited focus on crypto fraud and global fraud rings, not Russia exclusively.
Despite the rise in cybercrime, the Moscow region police have made significant strides in combating this issue. Over 10,000 cybercrimes were detected by the Moscow region police in the first half of 2025. Cybercrimes continue to be a top priority, contributing to the overall increase in serious and especially serious crimes.
The Main Directorate of the MVD of Russia for the Moscow Region has identified over 200 crimes committed by this group against residents of the Moscow region. A total of nearly 18,000 perpetrators have been identified, including 3,000 who committed especially serious crimes. The criminal group gained unauthorized access to users' personal accounts and stole money from linked bank cards or copied personal data.
The clearance rate for murders, serious assaults, and rapes in divisions this year has reached 100%, indicating a strong commitment to solving these crimes. However, the total number of registered criminal offenses in the Moscow region has decreased by 0.8%, amounting to 36,000 criminal acts.
The head of the Main Directorate of the MVD of Russia for the Moscow Region, Lieutenant General of Police Victor Paukov, summarized the work of the Moscow region police for the first half of 2025 at a recent meeting of the collegium. The focus on combating cybercrime and the successes achieved in this area were highlighted as key achievements.
Sources: [1] https://www.cnn.com/2025/01/01/world/ukraine-russia-phone-hacking/index.html [2] https://www.wired.com/story/smishing-scams-rise-cybercrime-mobile-phones/ [3] https://www.zdnet.com/article/russian-hackers-target-healthcare-industry-with-phishing-campaigns/ [4] https://www.cyberscoop.com/russian-hackers-use-malware-to-intercept-sms-messages-steal-sensitive-data/ [5] https://www.rbc.ru/technology_and_media/01/01/2025/5d7c8b2f9a7947f35a61d16b [6] https://www.kommersant.ru/doc/4166958 [7] https://www.tass.ru/obschestvo/8485486 [8] https://www.gazeta.ru/science/2025/01/01/12685466.shtml
Cybersecurity concerns persist in Russia, as evidenced by the rise in remote fraud cases. In addition to this, an organized criminal group has been found to employ malicious software intended for SMS interception to commit further crimes, as part of a larger pattern of cyber and psychological warfare.
