Threat Management

Ukraine, others under attack from various nation-state hackers

CyberScoop reports that Ukrainian, Russian, and central Asian government organizations, industry sectors, politicians, and journalists have been impacted by various hacking campaigns led by Russian, Chinese, and Belarusian state-sponsored threat actors over the past weeks.
Russian military intelligence-linked APT28, also known as Fancy Bear, has been delivering malware through malicious email attachments in an effort to exfiltrate Ukrainians' browser-stored cookies and passwords, while the Turla hacking group, which has been associated with Russia's Federal Secret Service, has been leveraging a malicious .docx file to target cybersecurity and defense entities in the Baltics, according to a Google report. Moreover, credential phishing emails have been distributed by Russian threat group Cold River, also known as Callisto, to government officials, journalists, and non-governmental organizations, including the NATO Centre of Excellence. The report also showed that high-risk people in Ukraine have been targeted by Belarusian hacking group Ghostwriter in a credential exfiltration campaign, while Chinese state-backed operation Curious George has attacked not only government and military firms in Ukraine, Russia, and Central Asia, but also the manufacturing and logistics industry in those regions.
