Security News

Details of a new nation-state sponsored phishing campaign have been uncovered setting its sights on European governmental entities in what's seen as an attempt to obtain intelligence on refugee and supply movement in the region. Enterprise security company Proofpoint, which detected the malicious emails for the first time on February 24, 2022, dubbed the social engineering attacks "Asylum Ambuscade."

A Ukrainian researcher continues to deal devastating blows to the Conti ransomware operation, leaking further internal conversations, as well as the source for their ransomware, administrative panels, and more.On Monday, the researcher kept leaking more damaging Conti data, including an additional 148 JSON files containing 107,000 internal messages since June 2020, which is around when the Conti ransomware operation was first launched.

Newly discovered malware was deployed in destructive attacks against Ukrainian organizations and governmental networks before and after Russia invaded the country on February 24. While analyzing these attacks, ESET Research Labs analysts discovered a new data wiper they dubbed IsaacWiper.

Facebook says it took down accounts used by a Belarusian-linked hacking group to target Ukrainian officials and military personnel on its platform. "We detected attempts to target people on Facebook to post YouTube videos portraying Ukrainian troops as weak and surrendering to Russia, including one video claiming to show Ukrainian soldiers coming out of a forest while flying a white flag of surrender," Meta's Head of Security Policy Nathaniel Gleicher and Threat Disruption Director David Agranovich said.

The sites of several Ukrainian government agencies, and of the two largest state-owned banks are again targeted by Distributed Denial-of-Service attacks. Internet watchdog NetBlocks also confirmed that the websites Privatbank and Oschadbank were being hammered in the attacks and knocked down together with Ukrainian government sites.

"The DDoS attacks against the Ukrainian defense ministry and financial institutions appear to be harassment similar to the previous DDoS attacks seen in January," Rick Holland, CISO at Digital Shadows, said via email. In the past two months, Russian- advanced persistent threats have been tied to an attack on 70 Ukrainian government websites, a wiper targeting government, non-profit and IT organizations, and increased attacks and espionage against military targets.

Unknown attackers have mounted disruptive distributed denial-of-service attacks against several Ukrainian government organizations and state-owned banks on Tuesday. The DDoS attacks' impact on government sites and bank services.

The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded." "Starting from the afternoon of February 15, 2022, there is a powerful DDOS attack on a number of information resources of Ukraine," Ukraine's State Service for Special Communication and Information Protection added.

The Ukrainian Ministry of Defense, whose site has been taken down following the attacks, said that its "Website was probably attacked by DDoS: an excessive number of requests per second was recorded. Technical works on restoration of regular functioning are carried out." While the Ukrainian defense ministry site has been knocked out, Oschadbank's website is still accessible although customers cannot log in to their online banking accounts.

The U.S. Treasury Department on Thursday announced sanctions against four current and former Ukrainian government officials for engaging in "Russian government-directed influence activities" in the country, including gathering sensitive information about its critical infrastructure. The agency said the four individuals were involved in different roles as part of a concerted influence campaign to destabilize the nation, while also accusing Russia's national security authority, the Federal Security Service, of recruiting Ukrainians in key positions to create instability.