Security News > 2022 > February > Ukraine Continues to Face Cyber Espionage Attacks from Russian Hackers
Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.
Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon, a cyber-espionage collective known to be active since at least 2013.
Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo.
"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said.
The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.
Interestingly, the ransomware is known to include a trident symbol - that is part of Ukraine's coat of arms - in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "Fake" pro-Ukrainian group for staging an attack on their own government.
News URL
https://thehackernews.com/2022/02/ukraine-continues-to-face-cyber.html
Related news
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Hackers Weaponize Visual Studio Code Remote Tunnels for Cyber Espionage (source)
- Russian Turla hackers hit Starlink-connected devices in Ukraine (source)
- Russian cyber spies hide behind other hackers to target Ukraine (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)
- Russian Espionage Group Targets Ukrainian Military with Malware via Telegram (source)
- Russian hackers deliver malicious RDP configuration files to thousands (source)
- North Korean govt hackers linked to Play ransomware attack (source)