Security News > 2023 > April > Google: Ukraine targeted by 60% of Russian phishing attacks in 2023
Google's Threat Analysis Group has been monitoring and disrupting Russian state-backed cyberattacks targeting Ukraine's critical infrastructure in 2023.
Google reports that from January to March 2023, Ukraine received roughly 60% of the phishing attacks originating from Russia, making it the most prominent target.
The first is Sandworm, tracked by Google as "FrozenBarents," which has focused its attacks on the energy sector across Europe since November 2022, with a highlighted case involving the Caspian Pipeline Consortium.
Another highly-active Russian threat actor is APT28, tracked by Google as "FrozenLake."
"In the first quarter of 2023, TAG observed a coordinated IO campaign from actors affiliated with the Internet Research Agency creating content on Google products such as YouTube, including commenting and upvoting each other's videos," reads the Google TAG report.
Google reports that it has been observing and blocking IRA-linked accounts creating content on YouTube Shorts to promote specific "News-like" narratives about the war in Ukraine to Russian domestic audiences.
- Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine (source)
- Russian hackers linked to widespread attacks targeting NATO and EU (source)
- Microsoft: Phishing attack targets accountants as Tax Day approaches (source)
- Hackers abuse Google Command and Control red team tool in attacks (source)
- Google Chrome Hit by Second Zero-Day Attack - Urgent Patch Update Released (source)
- Russian hackers use WinRAR to wipe Ukraine state agency’s data (source)
- CERT-UA Warns of SmokeLoader and RoarBAT Malware Attacks Against Ukraine (source)
- New 'Greatness' service simplifies Microsoft 365 phishing attacks (source)
- Russian ransomware affiliate charged with attacks on critical infrastructure (source)
- Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation (source)