Security News > 2022 > March > Google: Russian phishing attacks target NATO, European military

The Google Threat Analysis Group says more and more threat actors are now using Russia's war in Ukraine to target Eastern European and NATO countries, including Ukraine, in phishing and malware attacks.

The report's highlight are credential phishing attacks coordinated by a Russian-based threat group tracked as COLDRIVER against a NATO Centre of Excellence and Eastern European militaries.

As the Google threat analysts also observed, Curious Gorge, a hacking group linked to China's PLA SSF, targeted government and military organizations from Ukraine, Russia, Kazakhstan, and Mongolia.

The Belarusian state hackers' credential phishing campaigns have previously targeted Ukrainian officials and military personnel [1, 2] and European refugee aid officials.

Today's report follows another one Google TAG published regarding malicious activity linked to the Russian war in Ukraine from early March that exposed Russian, Chinese, and Belarus state hackers' efforts to compromise Ukrainian and European organizations and officials.

As we previously reported, this flood of attacks has also included distributed denial-of-service attacks targeting the Ukrainian government and state-owned banks, as well as multiple campaigns of destructive malware attacks [1, 2]. "DDoS attempts against numerous Ukraine sites, including the Ministry of Foreign Affairs, Ministry of Internal Affairs, as well as services like Liveuamap that are designed to help people find information" were also observed by Google since the start of the Russian war in Ukraine.

News URL

https://www.bleepingcomputer.com/news/security/google-russian-phishing-attacks-target-nato-european-military/