According to the Russian publication "Meduza", the FSS and the Russian browser "Yandex" created fake copies of the websites of the volunteer battalions on the Ukrainian side of the Legion "Freedom of Russia" and the "Russian Volunteer Corps".
Points of attention
- FSS and Yandex reportedly collaborated to create fake websites of Ukrainian volunteer battalions RVK and LFR to identify Russians interested in joining them.
- The fake sites had forms to collect user data without donation details, potentially exposing privacy violations and raising security concerns.
- Allegedly, Yandex deliberately promoted these fake sites in search results, while Google did not display them, prompting suspicions of company collaboration with security forces.
- Differences between the fake and real sites included slight domain variations, typical of phishing attacks, indicating potential malicious intent behind the scheme.
- Despite the removal of the fake sites, cached versions remain on Yandex, highlighting the lasting impact and complexities of the FSB's alleged creation of these deceptive platforms.
What is known about the FSS's creation of fake copies of the RVK and LFR websites
It is noted that these sites were displayed at the top of the Yandex search results, but they were not displayed during the Google search results.
Journalists of the publication emphasize that with the help of these sites the FSS tried to identify Russians who have a desire to join the RVK and LFR.
Russian intelligence officials are sure that "Yandex" deliberately advertises fake sites that may be related to Russian security forces, and also accused the company of cooperating with the FSB.
Currently, fake sites are not available, but cached versions are still on the first line of Yandex.
Volunteers fighting in the Armed Forces confirmed that these are not their sites.
How do fake sites differ from real sites of the RVK and LFR
The difference between the fake sites of the FSS and the original platforms of volunteer battalions was one letter in the domain.
This is a typical technique of a phishing attack (as a rule, it is used by fraudsters to steal money or a person's data).
As one of the users noted, unlike the real ones, they did not have details for donations. Instead, both sites had a form to collect data - about the respondent's gender, age, contacts and location. It was assumed that the user could submit the information himself through these forms.
However, it is not possible to say exactly who created or maintains these sites.
The fake site "Svobody Rossii" was registered in December 2023, and the RDK - in August of the same year. During domain registration, all data was hidden.
