In Ukraine, malware expert could blow whistle on Russian hacking
Profexer’s posts, already accessible only to a small band of fellow hackers and cybercriminals looking for software tips, blinked out in January — just days after U.S. intelligence agencies publicly identified a program he had written as one tool used in the hacking of the Democratic National Committee.
[...] while Profexer’s online persona vanished, a flesh-and-blood person has emerged: a fearful man who Ukrainian police said turned himself in early this year and has now become a witness for the FBI.
“I don’t know what will happen,” he wrote in one of his last messages posted on a restricted-access website before going to the police.
[...] emerging from Ukraine is a sharper picture of what the U.S. believes is a Russian government hacking group known as Advanced Persistent Threat 28 or Fancy Bear.
Rather than training, arming and deploying hackers to carry out a specific mission like just another military unit, Fancy Bear and its twin Cozy Bear have operated more as centers for organization and financing; much of the hard work like coding is outsourced to private and often crime-tainted vendors.