Security News > 2022 > May > Ukraine War Themed Files Become the Lure of Choice for a Wide Range of Hackers

A growing number of threat actors are using the ongoing Russo-Ukrainian war as a lure in various phishing and malware campaigns, even as critical infrastructure entities continue to be heavily targeted.

The findings follow disclosures that a China-linked government-sponsored threat actor known as Mustang Panda may have been targeting Russian government officials with an updated version of a remote access trojan called PlugX. Another set of phishing attacks involved APT28 hackers targeting Ukrainian users with a.NET malware that's capable of stealing cookies and passwords from Chrome, Edge and Firefox browsers.

The findings come as Microsoft divulged that six different Russia-aligned actors launched at least 237 cyberattacks against Ukraine from February 23 to April 8, including 38 discrete destructive attacks that irrevocably destroyed files in hundreds of systems across dozens of organizations in the country.

What's more, the Computer Emergency Response Team of Ukraine revealed details of ongoing distributed denial-of-service attacks directed against government and news portals by injecting malicious JavaScript into the compromised sites.

DDoS attacks have been reported beyond Ukraine as well.

The attacks, claimed by a pro-Russian collective called Killnet, come in response to Romania's decision to support Ukraine in the military conflict with Russia.

News URL

https://thehackernews.com/2022/05/ukraine-war-themed-files-become-lure-of.html