Security News > 2022 > April > Ukraine spots Russian-linked 'Armageddon' phishing attacks
The Computer Emergency Response Team of Ukraine has spotted new phishing attempts attributed to the Russian threat group tracked as Armageddon.
Armageddon is a Russian state-sponsored threat actor who has been targeting Ukraine since at least 2014 and is considered part of the FSB. According to a detailed technical report published by the Ukrainian secret service in November 2021, Armageddon has launched at least 5,000 cyber-attacks against 1,500 critical entities in the country.
The Ukrainian forces have previously identified members of the Armageddon cyber-force, exposed their toolset, and traced custom malware development efforts to Russian hacking forums.
This report is in line with other recent findings of Russia-originating attacks targeting EU entities, like last week's Google TAG phishing campaign report, the deployment of wiper-malware against the KA-SAT satellite service, GPS system interference in the Baltic region, and phishing attacks against those aiding with the refugee crisis.
Google: Russian phishing attacks target NATO, European military.
Phishing campaign targets Russian govt dissidents with Cobalt Strike.
News URL
Related news
- Russian Star Blizzard Targets WhatsApp Accounts in New Spear-Phishing Campaign (source)
- Ransomware gangs pose as IT support in Microsoft Teams phishing attacks (source)
- Microsoft Teams phishing attack alerts coming to everyone next month (source)
- E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries (source)
- How to Prevent Phishing Attacks with Multi-Factor Authentication (source)
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- BadPilot network hacking campaign fuels Russian SandWorm attacks (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)