Security News

Cybersecurity researchers have shed light on an actively maintained remote access trojan called DCRat that's offered on sale for "Dirt cheap" prices, making it accessible to professional cybercriminal groups and novice actors alike. "Unlike the well-funded, massive Russian threat groups crafting custom malware , this remote access Trojan appears to be the work of a lone actor, offering a surprisingly effective homemade tool for opening backdoors on a budget," BlackBerry researchers said in a report shared with The Hacker News.

The UK government added 63 Russian entities to its sanction list on Wednesday. Among them are Baikal Electronics and MCST, the two most important chip makers in Russia.

Threat analysts at the cybersecurity firm Mandiant have uncovered a new APT29 cyber attack once again aimed at diplomats and government agencies. APT29 is a cyber espionage group widely believed to be sponsored by the Russian Foreign Intelligence Service, the SVR. APT29 is also publicly referred to as Nobelium by Microsoft, Mandiant said.

A Russian state-sponsored threat actor has been observed targeting diplomatic and government entities as part of a series of phishing campaigns commencing on January 17, 2022. Threat intelligence and incident response firm Mandiant attributed the attacks to a hacking group tracked as APT29, with some set of the activities associated with the crew assigned the moniker Nobelium.

Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 targeting diplomats and government entities. In a new campaign spotted by threat analysts at Mandiant, APT29 is targeting diplomats and various government agencies through multiple phishing campaigns.

The Romanian national cyber security and incident response team, DNSC, has issued a statement about a series of distributed denial-of-service attacks targeting several public websites managed by the state entities. DNSC is now collaborating with other authorities in the country to map these attacks and mitigate their effect.

At least six Russian Advanced Persistent Threat actors and other unattributed threats, have conducted destructive attacks, espionage operations, or both, while Russian military forces attack the country by land, air, and sea. It is unclear whether computer network operators and physical forces are just independently pursuing a common set of priorities or actively coordinating.

The U.S. government on Tuesday announced up to $10 million in rewards for information on six hackers associated with the Russian military intelligence service. "These individuals participated in malicious cyber activities on behalf of the Russian government against U.S. critical infrastructure in violation of the Computer Fraud and Abuse Act," the State Department's Rewards for Justice Program said.

A China-linked government-sponsored threat actor has been observed targeting Russian speakers with an updated version of a remote access trojan called PlugX. Secureworks attributed the attempted intrusions to a threat actor it tracks as Bronze President, and by the wider cybersecurity community under the monikers Mustang Panda, TA416, HoneyMyte, RedDelta, and PKPLUG. "The war in Ukraine has prompted many countries to deploy their cyber capabilities to gain insight about global events, political machinations, and motivations," the cybersecurity firm said in a report shared with The Hacker News. Chief among its tools is PlugX, a Windows backdoor that enables threat actors to execute a variety of commands on infected systems and which has been employed by several Chinese state-sponsored actors over the years.

Uncle Sam will dole out up to $10 million for vital information on each of six Russian GRU officers linked to the Kremlin-backed Sandworm gang, who, according to the Feds, have plotted to carry out destructive cyber-attacks against American critical infrastructure. It's hoped the money, offered via the US Department of State's Rewards for Justice program, will lead to the snaring of the following men said to be Russian intelligence officers: Yuriy Sergeyevich Andrienko, Sergey Vladimirovich Detistov, Pavel Valeryevich Frolov, Anatoliy Sergeyevich Kovalev, Artem Valeryevich Ochichenko, and Petr Nikolayevich Pliskin.