Security News

Ukrainian news agency Ukrainska Pravda has claimed the nation's Centre for Defence Strategies think tank has obtained the online personal details of 120,000 Russian servicemen fighting in Ukraine. The Ukrainian news agency said the think tank obtained the personnel records from "Reliable sources." Whether or not the database is real, the impact on Russian military morale - knowing that your country's enemies have your personal details and can contact your family if you're captured, killed, or even still alive - won't be insignificant.

A spear-phishing campaign likely coordinated by a state-backed threat actor has been targeting European government personnel providing logistics support to Ukrainian refugees. According to American cybersecurity firm Proofpoint, the attackers use "Possibly compromised" email accounts of Ukrainian armed service members to deliver the phishing message.

Details of a new nation-state sponsored phishing campaign have been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region. Enterprise security company Proofpoint, which detected the malicious emails for the first time on February 24, 2022, dubbed the social engineering attacks "Asylum Ambuscade."

A Ukrainian researcher continues to deal devastating blows to the Conti ransomware operation, leaking further internal conversations, as well as the source for their ransomware, administrative panels, and more.On Monday, the researcher kept leaking more damaging Conti data, including an additional 148 JSON files containing 107,000 internal messages since June 2020, which is around when the Conti ransomware operation was first launched.

Newly discovered malware was deployed in destructive attacks against Ukrainian organizations and governmental networks before and after Russia invaded the country on February 24. While analyzing these attacks, ESET Research Labs analysts discovered a new data wiper they dubbed IsaacWiper.

Facebook says it took down accounts used by a Belarusian-linked hacking group to target Ukrainian officials and military personnel on its platform. "We detected attempts to target people on Facebook to post YouTube videos portraying Ukrainian troops as weak and surrendering to Russia, including one video claiming to show Ukrainian soldiers coming out of a forest while flying a white flag of surrender," Meta's Head of Security Policy Nathaniel Gleicher and Threat Disruption Director David Agranovich said.

The sites of several Ukrainian government agencies, and of the two largest state-owned banks are again targeted by Distributed Denial-of-Service attacks. Internet watchdog NetBlocks also confirmed that the websites Privatbank and Oschadbank were being hammered in the attacks and knocked down together with Ukrainian government sites.

"The DDoS attacks against the Ukrainian defense ministry and financial institutions appear to be harassment similar to the previous DDoS attacks seen in January," Rick Holland, CISO at Digital Shadows, said via email. In the past two months, Russian- advanced persistent threats have been tied to an attack on 70 Ukrainian government websites, a wiper targeting government, non-profit and IT organizations, and increased attacks and espionage against military targets.

Unknown attackers have mounted disruptive distributed denial-of-service attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The DDoS attacks' impact on government sites and bank services.

The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded." "Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine," Ukraine's State Service for Special Communication and Information Protection added.