Ukraine Probes Teen Suspect in Cyber Theft Scheme Targeting California Online Shoppers

Ukrainian authorities have identified and arrested an 18-year-old suspect allegedly involved in an international infostealer operation that compromised nearly 30,000 accounts of a California online retailer between 2024–2025; 5,800 accounts were used for unauthorized purchases (~$721,000) causing over $250,000 in confirmed losses. The suspect is accused of operating infrastructure to process and sell harvested credentials and session tokens via Telegram channels and using cryptocurrency to pay accomplices; the report emphasizes risks from session-token theft and recommends session anomaly detection, monitoring criminal data markets, MFA, and session-binding controls.