Russia-linked hacking group Gamaredon has been targeting Ukrainian defense, government, and law enforcement agency employees in a new, ongoing cyberespionage campaign leveraging information-stealing malware, reports The Hacker News.
The phishing campaign involves the delivery of malicious Microsoft Word documents that use the ongoing Russia-Ukraine war as a lure, according to a report from Cisco Talos. Opening the documents prompts the execution of template-embedded macros, which then facilitate the retrieval of RAR files containing LNK files, said researchers.
The report also showed that intelligence briefings pertaining to the invasion of Ukraine have been used as themes for the LNK files, which may lure victims into opening the shortcuts. Doing so prompts the execution of a PowerShell beacon and ultimately results in the deployment of the information-stealing malware.
"The infostealer is a dual-purpose malware that includes capabilities for exfiltrating specific file types and deploying additional binary and script-based payloads on an infected endpoint," said researchers.
Threat actors launched 50% more distributed denial-of-service attacks during the first quarter of 2024 than in the same period last year, with thwarted DDoS attacks increasing by 93% year-over-year, SiliconAngle reports.
Security Affairs reports that attacks with an updated iteration of the LightSpy iOS spyware using the "F_Warehouse" framework have been deployed against Southern Asian targets as part of a new cyberespionage campaign.
Operations of Russia's industrial sensor and monitoring infrastructure were claimed to have been disrupted by Ukrainian hacking operation Blackjack following a Fuxnet malware attack against Moscow-based underground infrastructure firm Moscollector, reports SecurityWeek.