Security News > 2021 > February > Ukraine Says Russian Cyberspies Targeted Gov Agencies in Supply Chain Attack
The agency said it had linked the attack to "One of the hacker spy groups from the Russian Federation." The incident was described as a supply chain attack and compared to the NotPetya attack of 2017 and the recently disclosed SolarWinds incident.
Another press release, issued on Monday, said the NCCC had been seeing "Massive DDoS attacks" since February 18.
The attacks were aimed at websites related to the security and defense sectors, as well as other government organizations and "Strategic enterprises."
In addition to the DDoS attacks themselves, the attackers delivered malware to government web servers, ensnaring them in a botnet used to launch DDoS attacks against others.
While the agency did not say the Russian government was behind these attacks, it said the attacks originated from IP addresses associated with "Certain Russian traffic networks."
UPDATE 02.26.2021: The NSDC has confirmed that the supply chain attack has been linked to Gamaredon and it has shared more IoCs.
News URL
Related news
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Supply Chain Attacks Can Exploit Entry Points in Python, npm, and Open-Source Ecosystems (source)
- Russian RomCom Attacks Target Ukrainian Government with New SingleCamper RAT Variant (source)
- Crypt Ghouls Targets Russian Firms with LockBit 3.0 and Babuk Ransomware Attacks (source)
- LottieFiles hit in npm supply chain attack targeting users' crypto (source)
- LottieFiles hacked in supply chain attack to steal users’ crypto (source)
- LottieFiles supply chain attack exposes users to malicious crypto wallet drainer (source)
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)