Threat Management, Critical Infrastructure Security

Ukraine government websites impacted by Russian cyberattack

Numerous Ukrainian central and local government websites have been compromised by Russian state-backed hacking operation Ember Bear, also known as UAC-0056 or Lorec53, on Thursday, according to BleepingComputer. One of the hacked websites was discovered by the Computer Emergency Response Team of Ukraine to have a web shell created in December 2021 that was leveraged to facilitate the distribution of the HoaxPen, CredPump, and HoaxApe backdoors in February 2022. No significant disruptions have resulted from the attacks, said Ukraine's cybersecurity defense and security agency SSSCIP. "Presently, in the framework of the United Response Team under the National Cybersecurity Coordination Center, experts from the SSSCIP, the Security Service of Ukraine, and the Cyber Police are working together to isolate and investigate the cyber incident," said SSSCIP. Meanwhile, Ember Bear has been previously reported to be launching fake ransomware and information-stealing malware attacks against Ukraine since its emergence last March. Various organizations in North America and Western Europe have also been targeted by the operation.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.