Security News > 2024 > April > Russian Sandworm hackers targeted 20 critical orgs in Ukraine
Russian hacker group Sandworm aimed to disrupt operations at around 20 critical infrastructure facilities in Ukraine, according to a report from the Ukrainian Computer Emergency Response Team.
The attacks occurred in March and in some cases the hackers were able to infiltrate the targeted network by poisoning the supply chain to deliver compromised or vulnerable software, or through the software provider's ability to access organization's systems for maintainance and technical suport.
The Ukrainian agency belives that the purpose of these attacks was to increase the effect of Russian missile strikes on the targeted infrastructure facilities.
Last week, Mandiant exposed Sandworm's connection to three hacktivist-branded Telegram groups that have previously claimed attacks on critical infrastructure in Europe and the U.S. CERT-UA's report provides a long list of indicators of compromise that includes files, hosts, and network details.
Russian Sandworm hackers pose as hacktivists in water utility breaches.
CISA says Sisense hack impacts critical infrastructure orgs.
News URL
Related news
- Russian Turla hackers hit Starlink-connected devices in Ukraine (source)
- Russian cyber spies hide behind other hackers to target Ukraine (source)
- Firefox and Windows zero-days exploited by Russian RomCom hackers (source)
- Hackers exploit critical bug in Array Networks SSL VPN products (source)
- Wanted Russian Hacker Linked to Hive and LockBit Ransomware Arrested (source)
- North Korean Kimsuky Hackers Use Russian Email Addresses for Credential Theft Attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- Russian hackers hijack Pakistani hackers' servers for their own attacks (source)
- FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine (source)
- Russian hackers use RDP proxies to steal data in MiTM attacks (source)