Security News > 2022 > February > Microsoft Uncovers New Details of Russian Hacking Campaign Targeting Ukraine
Microsoft on Friday shared more of the tactics, techniques, and procedures adopted by the Russia-based Gamaredon hacking group to facilitate a barrage of cyber espionage attacks aimed at several entities in Ukraine over the past six months.
The attacks are said to have singled out government, military, non-government organizations, judiciary, law enforcement, and non-profit organizations with the main goal of exfiltrating sensitive information, maintaining access, and leveraging it to move laterally into related organizations.
"Since October 2021, ACTINIUM has targeted or compromised accounts at organizations critical to emergency response and ensuring the security of Ukrainian territory, as well as organizations that would be involved in coordinating the distribution of international and humanitarian aid to Ukraine in a crisis," MSTIC researchers said.
It's worth pointing out that the Gamaredon threat group represents a unique set of attacks divorced from last month's cyber offensives that knocked out multiple Ukraine government agencies and corporate entities with destructive data-wiping malware disguised as ransomware.
This is far from the only intrusion staged by the threat actor, which also struck an unnamed Western government organization in Ukraine last month via a malware-laced resume for an active job listing with the entity posted on a local job portal.
The findings also arrive as Cisco Talos, in its continuing analysis of the January incidents, disclosed details of an ongoing disinformation campaign attempting to attribute the defacement and wiper attacks to Ukrainian groups that date back at least nine months.
News URL
https://thehackernews.com/2022/02/microsoft-uncovers-new-details-of.html
Related news
- Microsoft patches Windows zero-day exploited in attacks on Ukraine (source)
- Microsoft launches Zero Day Quest hacking event with $4 million in rewards (source)
- Microsoft announces Zero Day Quest hacking event with big rewards (source)
- FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine (source)
- Russian Turla hackers hit Starlink-connected devices in Ukraine (source)
- Russian cyber spies hide behind other hackers to target Ukraine (source)