Security News > 2022 > September > Researchers Identify 3 Hacktivist Groups Supporting Russian Interests

At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant.

The Google-owned threat intelligence and incident response firm said with moderate confidence that "Moderators of the purported hacktivist Telegram channels 'XakNet Team,' 'Infoccentr,' and 'CyberArmyofRussia Reborn' are coordinating their operations with Russian Main Intelligence Directorate-sponsored cyber threat actors."

Mandiant's assessment is based on evidence that the leakage of data stolen from Ukrainian organizations occurred within 24 hours of malicious wiper incidents undertaken by the Russian nation-state group tracked as APT28.

To that end, four of the 16 data leaks from these groups coincided with disk wiping malware attacks by APT28 that involved the use of a strain dubbed CaddyWiper.

APT28, active since at least 2009, is associated with the Russian military intelligence agency, the General Staff Main Intelligence Directorate, and drew public attention in 2016 for the breaches of the Democratic National Committee in the run-up to the U.S. presidential election.

While the so-called hacktivist groups have conducted distributed denial-of-service attacks and website defacements to target Ukraine, indications are that these fake personas are a front for information operations and destructive cyber activities.

News URL

https://thehackernews.com/2022/09/researchers-identify-3-hacktivist.html