Guns, Codes, and Love: Ukraine’s War Redrawing Europe’s Underworld

Picture from: iStock

The war in Ukraine has brought about a shift in Europe’s geopolitical and criminal landscapes, one that’s far more complicated than a simple East vs. West narrative. While governments scramble to fortify borders, provide humanitarian aid, and arm their allies, predictably enough or not, the underworld of Europe has been evolving as well with the unravelling of the war in Ukraine.

Welcome to the new face of organized crime in the EU.

Guns for Sale: No Warranty, No Questions Asked

Ukraine was already sitting on massive stockpiles of arms, courtesy of years of instability since 2014; when the war broke out, in came Western military aid, and the fear of those weapons slipping into criminal hands became a genuine risk. Ukrainian authorities, with the help of European allies, have kept meticulous records of weapons that have vanished or been stolen — around 593,000 of them, to be exact. But numbers on a spreadsheet don’t exactly stop bullets.

Historically, Ukraine has had a laissez-faire attitude towards firearms; and during the war, the government armed its civilians, ostensibly to aid in the defence of the nation. Necessary? Perhaps. Controlled? Absolutely not. And it’s almost laughable how easy it is to get a gun in Ukraine, because technically, it’s not illegal to buy or transfer weapons parts there — no license required whatsoever.

Self-defence militias, born out of necessity and out of the state’s control, are contributing to the spread of weapons across the country, too. But they are not the only ones: the Russian Federation has consistently been accused of supplying arms to separatist forces in Ukraine. While their denials are as predictable as a bad sitcom, some of the weaponry used on the front lines — like anti-materiel rifles, rocket launchers, and man-portable air defence systems (MANPADS) — are new to Ukraine, and they likely didn’t come from a local pawn shop.

In 2021, Ukraine saw 720 firearm-related offenses. By 2022, that number had exploded to over 7,000. And that surge isn’t confined to Ukrainian borders. Neighbouring countries and border regions in Russia have reported a spike in gun-related violence too. The EU works hard to regulate arms across member states, but Ukraine’s poorly controlled weapons flow could destabilize regions like the Balkans, which serve as key transit hubs. Which undermines years of painstaking work to build trust between member states on cross-border cooperation. It’s not just about keeping guns out — it’s about the erosion of the EU’s ability to enforce its own rules.

The Wild East of the Internet

Russian cybercrime and state-backed hacking have always been two sides of the same coin. At times, this looks like recruitment drives, as in the case of Dmitry Dokuchaev, cybercriminal-turned-agent for Russia’s Federal Security Service (FSB). Other times, it’s more subtle, with Russia weaponizing cybercrime infrastructure for espionage and “patriotic hacking”. And then there are the tacit nods that let ransomware groups run rampant (so long as their targets align with Russia’s geopolitical goals).

With the conflict, groups like Conti openly declared allegiance to Moscow and so-called hacktivists like Killnet and Xaknet launched attacks against Ukrainian and Western systems. Threat actors have targeted NATO nations, hitting critical infrastructure and spreading disinformation. Ukraine has faced an onslaught of malware, with everything from DarkCrystal to WarZone RATs deployed against its systems. And Distributed Denial-of-Service (DDoS) attacks have battered Ukrainian networks, while phishing campaigns and wiper malware circulated freely. The beauty (or horror) of this arrangement lays in deniability: Russia’s hands are clean, while its proxies wreak havoc.

Amidst the deluge, the Ukrainian National Security and Defence Council has decided to ban Telegram, deeming the app a significant security risk, accusing Russian forces of exploiting it for geolocation, phishing, and even missile targeting.[1] Which reads, Ukraine has been rearranging deck chairs on a sinking ship.

Pre-war, the EU dealt with cybercrime primarily as a criminal issue; post-war, it’s a geopolitical weapon. The brighter side, or the dimmer, is that the conflict has fractured the cybercriminal underworld. While some groups have rallied behind Russia, others splintered, either over ideological differences or the chance of personal gain. And more fragmented groups mean harder-to-track threats. Economic sanctions and increased law enforcement scrutiny have disrupted traditional marketplaces, reshaping the ransomware-as-a-service (RaaS) and malware-as-a-service (MaaS) industries.

A Love Obsession in the Underworld

For predators, the war has never been a tragedy: it’s a business opportunity. As millions of Ukrainians flee their homes, desperate and vulnerable, criminal networks have wasted no time in taking advantage of the chaos. Some traffickers don’t even bother with subtlety. As an example, the Kyiv-based gang that in 2022 lured a 21-year-old mother with promises of legitimate work abroad. She was intercepted just before crossing into Hungary, her story unravelling a network that had been quietly recruiting women, shipping them far away (in her specific case, it would have been Turkey), and forcing them into sex work. Authorities arrested the gang’s leader, but we do not know how many others remain invisible. And the grim reality, according to UNODC global data, is that most trafficking cases are still identified by victims themselves — a self-referral system that, during times of war, falls desperately short.

And then there’s the entrepreneurial exploitation of Europe’s open doors. Relaxed visa rules, hailed as a lifeline for refugees, have made Ukrainian women frighteningly easy to move across borders. Exploitative escort agencies have capitalized on this, dispatching women with ruthless efficiency to meet a surge in depravity masquerading as demand: at the beginning of 2023 only, “Ukraine refugee porn” somehow clawed its way into the top trending searches, and keywords such as “escort” and “rape” paired with “Ukrainian” shot up by a disgustingly staggering 600%.

Official reports claim “the immediate and large-scale response was likely effective at addressing key factors of vulnerability, including forced displacement, humanitarian need, socioeconomic stress, social fragmentation and family breakdown,” which is an odd kind of victory lap. The obvious predators at train stations have mostly vanished by now, thanks to increased patrols and surveillance, but trafficking networks aren’t known for waving flags — the victims slipping through the cracks would confirm it, too. Traditional routes have shifted, and criminals have simply gone underground, adapting to the fog.

The surge in sex trafficking, especially of Ukrainian women, isn’t merely a criminal issue — it’s a story of exploitation of solidarity. And a problem that doesn’t disappears just because it’s harder to count. Behind every undetected case is a person whose life has been shattered, in a quiet and loud reminder that the war’s impact stretches far beyond the battlefield.

The EU’s Got Its Hands Full, But Honestly, We’re Just Getting Started

The war accelerated change in every form of crime, from weapons proliferation to cyberattacks to human trafficking. These aren’t just increases in volume; they’re qualitative shifts in how crime is organized, executed, and linked to broader geopolitical conflicts. If anyone thought things would wrap up in a neat little bow: think again.

Do not despair, though. The shadows may loom large, but they don’t define the whole picture, and the Union is still there, fighting the good fight. There are teams and individuals working tirelessly to adapt, help, and rebuild. To save, heal, and care. The war may be reshaping Europe’s underworld, but the response isn’t just about containment; it’s about innovation and resilience. Think of the Union as bruised, bloodied, and still relentlessly fighting. Because that is what it is, and we ought to never forget, there’s more to the EU than the darkness it faces.

So, hang tight. The real story? It’s still unfolding.

[1] Telegram, predictably, dismissed these claims, blaming compromised devices instead of platform vulnerabilities.