Olha Tsyktor - attack 09.06.2025

Journalist from “Anticorruption vymir” Olha Tsyktor reports a large-scale online attack.
For several months, bots have been targeting Olha Tsyktor’s Instagram account — the unusually high activity has caused the platform to temporarily block her profile.

“The first massive bot attack took place on June 9, 2025 — the number of followers on my page jumped from about 300 to over 3,000 within seconds due to subscriptions from accounts with obvious signs of being fake,” Olha Tsyktor told Women in Media.

The following day, a similar bot attack targeted the Instagram page of the “Anticorruption vymir” media outlet, where Tsyktor works. The outlet focuses on reporting corruption in southern Ukraine. After the attack, the account gained almost 10,000 fake followers, which effectively blocked the page’s functionality.

At the time, Kateryna Madens, head of the “Anticorruption vymir” NGO, told IMI that she believed the incident was linked to their professional activities:

“The fact that both the outlet’s Instagram page and the host of our short video segments were attacked significantly narrows the circle of suspects. It’s clearly connected to some of the recent stories we’ve published. Over nearly three years of the newsroom’s work, we’ve had many displeased figures — unsurprisingly. However, only a few have been reacting especially aggressively to our materials lately,” she said.

While the mass bot attacks on the media outlet’s account later subsided, the personal attacks on Olha Tsyktor’s profile have continued. Between June and September 2025, such incidents occurred at least five times, she said. The total number of fake accounts that followed her page exceeded 100,000, and she had to manually remove part of them. The bots do not leave comments or send messages — they simply subscribe and remain inactive.

At the same time as the latest wave of bot activity, Tsyktor discovered through the GetContact app that her phone number had been tagged with the hashtag “Tsyktor’s bedwarmer”, and numerous people attempted to look up her contact.

“I’ve been recording regular login attempts from devices and operating systems I don’t use — including Linux and Macintosh. I’ve repeatedly changed my password, primary phone number, and email address, but unauthorized logins kept recurring,” Olha Tsyktor told Women in Media.

She has since filed a report with the Cyber Police and submitted a complaint to Meta, which confirmed they are investigating the incident.

“We cannot accuse anyone specifically, as we don’t have verified evidence. But our newsroom is convinced this attack is connected to one of our recent investigations — it started right after the publication. We understood that the subjects of that report would likely want to ‘get back at us.’ I would also consider personal motives, but since the attacks targeted both the media outlet’s page and mine, it seems professional,” added Tsyktor.