BBC Ties 3 Starmer Arson Attacks to Russia, Identifying 23-Year-Old Suspected Handler
Updated
Updated · BBC.com · Jun 15
BBC Ties 3 Starmer Arson Attacks to Russia, Identifying 23-Year-Old Suspected Handler
2 articles · Updated · BBC.com · Jun 15
Summary
Three arson attacks on property and a car linked to Prime Minister Keir Starmer were part of a Russian sabotage operation, the BBC reported, tracing the campaign beyond the men convicted at the Old Bailey.
Open-source evidence pointed to “EL,” the Telegram handler who recruited and paid operatives, as 23-year-old Evgeny Lyukshin — a Russian diplomat’s son trained in information warfare and linked to Kremlin-aligned networks.
Messages reviewed by the BBC showed EL offering $1,000 and Russian citizenship, recruiting through Ukrainian job groups in London, and escalating tasks from posters and graffiti to attacks on Starmer-linked targets.
The same network also ran fake far-right and fake Muslim groups to pay for mosque vandalism, spread anti-Muslim propaganda and push false claims about the Starmer case, some amplified by Tommy Robinson.
Russia’s embassy denied involvement, and counterterror police said they have not proved EL’s identity or state backing, though former defence secretary Ben Wallace called the attacks a deliberate escalation against the British state.
As Russia orchestrates arson in the UK, are Western intelligence agencies failing to counter these low-cost hybrid attacks?
How do Russia's elite universities forge operatives to wage a global campaign of disinformation and sabotage?
Unmasking Russia’s Hybrid Sabotage: The Starmer Arson Attacks, Telegram Recruitment, and the UK’s Fight Against 110 State-Linked Operations (2022–2025)
Overview
In June 2026, Roman Lavrynovych and Stanislav Carpiuc were convicted for arson attacks on properties linked to UK Prime Minister Sir Keir Starmer. The investigation revealed that both men were recruited and directed by an anonymous Russian-speaking handler known as 'El Money' through encrypted Telegram messages. Communications showed they were instructed and promised payment for the attacks, exposing a sophisticated online sabotage network. This case highlights how state-backed operatives use encrypted platforms to recruit individuals for disruptive acts, with the true orchestrator remaining hidden and the operatives treated as disposable by those directing them.