Security News

U.S. Takes Down IPStorm Botnet, Russian-Moldovan Mastermind Pleads Guilty
2023-11-15 15:34

The U.S. government on Tuesday announced the takedown of the IPStorm botnet proxy network and its infrastructure, as the Russian and Moldovan national behind the operation pleaded guilty. "The...

Russian national pleads guilty to building now-dismantled IPStorm proxy botnet
2023-11-14 23:23

The FBI says it has dismantled another botnet and collared its operator, who admitted hijacking tens of thousands of machines around the world to create his network of nodes. Sergei Makinin, a Russian and Moldovan national, was cuffed in Florida in January and sent to Puerto Rico, where he pleaded guilty in September, details of which were only publicized today by the US Department of Justice.

Sandworm, a Russian Threat Actor, Disrupted Power in Ukraine Via Cyberattack
2023-11-13 21:58

Mandiant, a cybersecurity company owned by Google, has revealed the details of a 2022 cyberattack run by Russian threat actor Sandworm. The threat group then accessed the OT environment "through a hypervisor that hosted a Supervisory Control And Data Acquisition management instance for the victim's substation environment," according to Mandiant researchers, who stated the attacker potentially had access to the SCADA system for up to three months.

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes
2023-11-10 12:22

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. "The actor first used OT-level living-off-the-land techniques to likely trip the victim's substation circuit breakers, causing an unplanned power outage that coincided with mass missile strikes on critical infrastructure across Ukraine," the company said.

Russian hackers switch to LOTL technique to cause power outage
2023-11-09 11:12

Russian state hackers have evolved their methods for breaching industrial control systems by adopting living-off-the-land techniques that enable reaching the final stage of the attack quicker and...

Russian state-owned Sberbank hit by 1 million RPS DDoS attack
2023-11-08 18:14

Russian financial organization Sberbank states in a press release that two weeks ago it faced the most powerful distributed denial of service attack in recent history. Russian outlet Interfax reports that the attack reached one million requests per second, which the organization said was roughly four times the size of the most powerful DDoS Sberbank had experienced up until then.

Russian-speaking threat actor "farnetwork" linked to 5 ransomware gangs
2023-11-08 09:32

In interactions with threat intelligence analysts, farnetwork shared valuable details that link them to ransomware operations starting in 2019 and a botnet with access to multiple corporate networks. According to a report Group-IB shared with BleepingComputer, the threat actor has several usernames and has been active on multiple Russian-speaking hacker forums trying to recruit affiliates for various ransomware operations.

US sanctions Russian who laundered money for Ryuk ransomware affiliate
2023-11-06 17:20

The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned Russian national Ekaterina Zhdanova for laundering millions in cryptocurrency for various individuals,...

U.S. Treasury Sanctions Russian Money Launderer in Cybercrime Crackdown
2023-11-06 05:30

The U.S. Department of the Treasury imposed sanctions against a Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the...

FSB arrests Russian hackers working for Ukrainian cyber forces
2023-11-01 23:20

The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Russia's security agency published a press release on Tuesday saying that its officers detained two hackers who either assisted or joined Ukraine's hackers in cyber operations.