Simply faking a COVID-19 vaccination certificate is nothing new in Ukraine.

But fraudsters are now going as far as to produce whole fake applications that resemble the state Diia app, a platform for digital identification that contains vaccination documents.

The most famous fake Diia app came to national attention following the detention of a 21-year-old forger native of Zaporizhzhia Oblast, on Oct. 27.

Almost indistinguishable from the state app, this fake version allows users to visually edit their age, name and crucially, their COVID-19 vaccination status. The app generates a convincing-looking identification document, complete with government branding and fake administrative information.

However, the case is just the tip of the iceberg.

Multiple Telegram channels, all named as some variation of “Fake Diia”, use memes, TikTok and other social media to encourage young Ukrainians to falsify their COVID-19 status through their fraudulent apps. They also target teenagers to offer the service of faking their age to purchase alcohol.

Advertisement

The recent deadly spike in COVID-19 infection in Ukraine has seen such services surge in use. The majority of adult Ukrainians, unwilling to get a vaccine shot, are looking for other ways to bypass the government’s restrictions banning the unvaccinated from many public spaces, including transport.

Fake certificates

Ukrainians are reluctant to get vaccinated.

A survey conducted in August discovered that the majority of adult Ukrainians, over 56%, do not intend to get vaccinated. A study from late October found that they don’t trust vaccines or the advice of doctors. A full quarter of them believe they have contraindications to the vaccine.

High vaccine hesitancy paired with increasing COVID-19 restrictions are driving many Ukrainians to find quick fixes.

A Kyiv Post investigation published on Oct. 1 revealed that there was now a whole illegal market for the creation, sale and distribution of bogus vaccine documents and PCR tests.

Vaccine forgery usually involves the use of complicit doctors who input false information into medical registries, risking their own medical licenses to do so.

Advertisement

The police have opened over 800 criminal probes into such scams as of Oct. 23, according to Prosecutor General Iryna Venediktova.

However, getting access into the database of the Ministry of Digital Transformation or Diia itself is no easy feat, the authorities say.

First launched in February 2020, the official Diia application is part of Ukraine’s digitization strategy. By 2024, the government plans to digitize all public services using the Diia app and website combined.

The app allows users to store nationally-recognized digital versions of their driving license, national passport, international passport, vehicle registration and vaccination status.

According to Minister for Digital Transformation Mykhailo Fedorov, 9 million Ukrainians use the app. Five million vaccination certificates were generated through the app.

Hacking Diia is nearly impossible, according to Mstyslav Banik, head of electronic services development at the Digital Transformation Ministry.

“Tests showed that there are no security vulnerabilities in Diia, or they are insignificant and do not affect the certificate element,” Banik said during a briefing on Sept. 27.

Advertisement

An easy solution then is to circumvent the state databases altogether.

Fake apps

The fake Diia developed by a Zaporizhzhia Oblast developer replicates the look of the original app without accessing the official database.

Telegram bots allow users to easily modify the information that they would like to display. Users then save a web link to their homepages which imitates the official Diia.

As part of its investigation, the Kyiv Post accessed several fake versions of this application, creating completely false identity documents complete with a date of birth, name and even COVID-19 status.

The Kyiv Post does not condone the use of these services.

While true forgeries of vaccination are costly, the applications provide a cheaper alternative.

The administrators of one Telegram chat, which is used to generate the fake application, charges just slightly over $1 (Hr 30) per month for the application without vaccine information. Another one that offers fake vaccine status charges a bit over $11 (Hr 300) per download. Meanwhile, a fraudulent certificate costs at least four times more than that.

These forgeries are a profitable business.

One Telegram channel claims it sold nearly 700 fake applications featuring false vaccination information at $11.41 per download. That amounts to a profit of nearly $8,000 since August.

Advertisement

A poll conducted on one of the Telegram channels revealed that more than 42% of its users were based in Kyiv, a region which has recently introduced strict quarantine measures for unvaccinated citizens and enhanced checks at restaurants, gyms and other businesses.

Just a day before the Zaporizhzhia Oblast founder’s capture, the largest Telegram group hosting the application announced its closure due to attention from the authorities.

It initially appeared that the programmer’s arrest would bring an end to the project, however this was not the case.

Just one day later, the service relaunched, allegedly with new admins who were eager to maintain the project.

The success of the application also encouraged the creation of copycat accounts, using identical or modified versions of the creator’s original application.

According to two Telegram channels, there could now be as many as 23,000 fake Diia documents circulating in Ukraine.

Targeting teenagers

Forgers use outlandish memes, comedy sketches, eye-catching dancers and general hype to lure teenagers to their Telegram channels where they can purchase the fake identity document services.
They encourage underage citizens to use the app to enter bars, fake their vaccination status, buy alcohol and cigarettes.

TikTok is one of their favorite method.

According to a poll posted on one of the Telegram channels, the vast majority (33%) of users found out about the service through TikTok. More than 51% of TikTok’s users in Ukraine are girls aged between 13 and 24.

Advertisement

By exploiting TikTok’s “for you page,” which promotes content to new audiences, the promoters of fake Diia channels were able to attract teenagers to click links which lead to their illegal services.

One video promoted to the front page of the application was viewed more than 63,000 times before the account was removed.

Crackdown

According to Banik, the cyber police are now taking action against these Telegram groups and forgers.

“The cyber police are very involved in the search for these scammers,” Banik said.

On Nov. 3, the cyber police of Ukraine took down the Telegram channel of one of the largest fake Diia groups, who sold apps including COVID-19 vaccination status.

In a note posted through the Telegram bot, the cyber police stated that the application had been blocked for breaking the law.

“This Telegram bot was blocked by cyber police officers for the unauthorized sale or dissemination of information with limited access. Responsibility for these actions carries a penalty of up to 2 years in prison,” the statement read.

Police later announced the detention of another 17-year-old forger, who was detained at his home in Kharkiv. According to police, his Telegram channel, which the Kyiv Post was able to access before its removal, had 20,000 subscribers.

Advertisement

Banik said the fake application produced in Zaporizhzhia Oblast had not utilized any of Diia’s resources. “This fake app has nothing to do with Diia. Creating fake resources does not affect the security of the application itself,” Banik assured.

However, the security issue that these fake apps reveal is that most businesses do not scan the QR codes generated by the Diia app, instead just visually inspecting its information.

“Everyone can independently check the validity of the digital document. If the document is fake, the scanner does not read it,” Banik insisted. “It is the responsibility of people themselves to take care of their cyber presence.”

To suggest a correction or clarification, write to us here
You can also highlight the text and press Ctrl + Enter