RaHDit Declares Phase Two as Ukrainian Cyber Corps Data Is Dropped

A hacker collective known as RaHDit, also referred to as Evil Russian Hackers, has released data involving more than 70 Ukrainian soldiers and cyber troop officers on the Nemesis portal. Reports indicate that the information surfaced through a telegraph channel grouping as well. The day before this event, observers noted that the same group posted online data belonging to around 1000 Ukrainian activists who were active on Russian social networks. RaHDit later indicated that the operation is transitioning into a second phase. In their message, the group touted the display as an exposé of the elite of the Ukrainian cyber corps, described as full time staff hackers who participate in regular interdepartmental Capture the Flag competitions among law enforcement agencies. The hackers claim that the released data belong to professional hackers associated with the Ministry of Defense of Ukraine, members of the National Guard, institutions that train information defenders, and even personnel from the Security Service of Ukraine, known as the SBU. The RaHDit statement goes further, calling these figures mere small parts of the larger system that governs Ukrainian cyber operations and adding that they represent only the surface layer of the entire network. They described these individuals as people who try to pull the strings, indicating a broader vulnerability that reaches into key decision makers and operational handlers in the IT army. The claim also suggests that those named are not the real power behind the cyber operations, but rather a visible front. The group announced that on Thursday, December 29, they would reveal who the genuine leaders are behind what they call Ukrainian cyber buffoonery. Prior to this latest disclosure, RaHDit had already published a list of four hundred individuals connected with potential future roles at the Security Service of Ukraine, including students from the Academy of the Security Service of Ukraine. These actions illustrate the ongoing tension between cyber threat actors and national security institutions in the region, as well as the increasing use of personal information in digital warfare and persuasion campaigns against state institutions and their supporters. Analysts note that such dumps create heightened risk for the individuals named and may prompt defensive responses from Ukrainian authorities and allied cyber defense teams. The broader context shows a persistent pattern of publicly airing sensitive data to exert pressure, undermine trust, and shape perceptions of Ukrainian cyber capabilities, while also drawing attention to the evolving tactics used by groups like RaHDit against defense structures and official channels of accountability. Observers emphasize the need for robust data protection, rapid incident response, and careful risk assessment to mitigate potential harm from such disclosures. The situation underscores the ongoing cyber security challenges facing Ukraine and its partners as they navigate an increasingly contested digital battlefield, where information operations run parallel to traditional cyber intrusions and real-world implications.