Security News > 2022 > February > Symantec finds evidence of continued Russian hacking campaigns in Ukraine

Symantec finds evidence of continued Russian hacking campaigns in Ukraine
2022-02-03 16:48

Symantec finds evidence of continued Russian hacking campaigns in Ukraine.

Security researchers at Symantec have presented what they said is further evidence that the Russian advanced persistent threat hacking team known as Shuckworm has been actively waging a cyber espionage campaign against organizations in Ukraine.

Symantec said its findings are consistent with the SSU's report, which said Shuckworm has become more sophisticated since 2017, the end result of which is a group with custom-built malware to infiltrate and legitimate tools to keep itself connected.

In the particular case study Symantec included in its report, Shuckworm likely used a tried-and-true ingress method: Phishing.

The attack began July 14, 2021, and continued for over a month, Symantec said, and it all began with a malicious Word document.

"Between July 29 and Aug.18, activity continued whereby we observed the attackers deploying multiple variants of their custom VBS backdoor along with executing VBS scripts and creating scheduled tasks similar to the ones detailed above," Symantec said.


News URL

https://www.techrepublic.com/article/kaspersky-finds-evidence-of-continued-russian-hacking-campaigns-in-ukraine/

Related vendor

VENDOR LAST 12M #/PRODUCTS LOW MEDIUM HIGH CRITICAL TOTAL VULNS
Symantec 79 10 69 77 11 167