Security News > 2022 > March > Russian APTs Furiously Phish Ukraine – Google

While Russia is fighting a physical war on the ground against Ukraine, advanced persistent threat groups affiliated with or backing Vladimir Putin's government are ramping up phishing and other attacks against Ukrainian and European targets in cyberspace, Google is warning.

There have been a recent spate of distributed denial-of-service attacks against Ukrainian government sites, such as the Ministry of Foreign Affairs and the Ministry of Internal Affairs, as well as key services that help Ukrainians find information, such as Liveuamap, according to Google TAG. China's Mustang Panda also has joined the fray, using the war in Ukraine to target European entities with lures related to the Ukrainian invasion in a recent phishing campaign.

Fancy Bear, the APT behind attacks against the 2020 Tokyo Olympics and elections in the European Union, most recently has been targeting users of ukr.net - owned by the Ukrainian media company URKNet - with "Several large credential phishing campaigns," Huntley wrote.

As APTs step up phishing attacks against Ukrainian targets, key government and service-oriented websites in the country also are facing a new barrage of DDoS attacks, as mentioned.

As these attacks are likely to continue, Google has expanded eligibility for Project Shield, the company's free protection against DDoS attacks, to "Ukrainian government websites, embassies worldwide and other governments in close proximity to the conflict," Huntley wrote.

Project Shield allows Google to absorb the bad traffic in a DDoS attack so the targeted organization can continue operating and defend against these attacks, according to the post.

News URL

https://threatpost.com/russian-apts-phishing-ukraine-google/178819/