Security News > 2022 > April > Ukraine spots Russian-linked 'Armageddon' phishing attacks
The Computer Emergency Response Team of Ukraine has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon.
Armageddon is a Russian state-sponsored threat actor who has been targeting Ukraine since at least 2014 and is considered part of the FSB. According to a detailed technical report published by the Ukrainian secret service in November 2021, Armageddon has launched at least 5,000 cyber-attacks against 1,500 critical entities in the country.
The Ukrainian forces have previously identified members of the Armageddon cyber-force, exposed their toolset, and traced custom malware development efforts to Russian hacking forums.
This report is in line with other recent findings of Russia-originating attacks targeting EU entities, like last week's Google TAG phishing campaign report, the deployment of wiper-malware against the KA-SAT satellite service, GPS system interference in the Baltic region, and phishing attacks against those aiding with the refugee crisis.
Google: Russian phishing attacks target NATO, European military.
Phishing campaign targets Russian govt dissidents with Cobalt Strike.
News URL
Related news
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- BadPilot network hacking campaign fuels Russian SandWorm attacks (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Russian phishing campaigns exploit Signal's device-linking feature (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)