Security News > 2023 > June > New Report Reveals Shuckworm's Long-Running Intrusions on Ukrainian Organizations

The Russian threat actor known as Shuckworm has continued its cyber assault spree against Ukrainian entities in a bid to steal sensitive information from compromised environments.

Targets of the recent intrusions, which began in February/March 2023, include security services, military, and government organizations, Symantec said in a new report shared with The Hacker News.

"In some cases, the Russian group succeeded in staging long-running intrusions, lasting for as long as three months," the cybersecurity company said.

"The attackers repeatedly attempted to access and steal sensitive information such as reports about the deaths of Ukrainian service members, reports from enemy engagements and air strikes, arsenal inventory reports, training reports, and more."

In the latest set of attacks detailed by Symantec, the threat actors have been observed using a new PowerShell script to propagate the Pterodo backdoor via USB drives.

"It seems clear that Russian nation-state-backed attack groups continue to laser in on Ukrainian targets in attempts to find data that may potentially help their military operations."

News URL

https://thehackernews.com/2023/06/new-report-reveals-shuckworms-long.html