Security News > 2022 > February > Symantec finds evidence of continued Russian hacking campaigns in Ukraine
Symantec finds evidence of continued Russian hacking campaigns in Ukraine.
Security researchers at Symantec have presented what they said is further evidence that the Russian advanced persistent threat hacking team known as Shuckworm has been actively waging a cyber espionage campaign against organizations in Ukraine.
Symantec said its findings are consistent with the SSU's report, which said Shuckworm has become more sophisticated since 2017, the end result of which is a group with custom-built malware to infiltrate and legitimate tools to keep itself connected.
In the particular case study Symantec included in its report, Shuckworm likely used a tried-and-true ingress method: Phishing.
The attack began July 14, 2021, and continued for over a month, Symantec said, and it all began with a malicious Word document.
"Between July 29 and Aug.18, activity continued whereby we observed the attackers deploying multiple variants of their custom VBS backdoor along with executing VBS scripts and creating scheduled tasks similar to the ones detailed above," Symantec said.