Ukraine Continues To Face Cyber Espionage Attacks From Russian Hackers

Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.

Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon (aka Shuckworm or Armageddon), a cyber-espionage collective known to be active since at least 2013.

In November 2021, Ukrainian intelligence agencies branded the group as a "special project" of Russia's Federal Security Service (FSB), in addition to pointing fingers at it for carrying out over 5,000 cyberattacks against public authorities and critical infrastructure located in the country.

Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo. Symantec disclosed that, between July 14, 2021 and August 18, 2021, the actor installed several variants of the backdoor as well as deployed additional scripts and tools.

"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said. The identity of the affected organization was not disclosed.

Towards the end of July, the adversary leveraged the implant to download and run an executable file that acted as a dropper for a VNC client before establishing connections with a remote command-and-control server under their control.

"This VNC client appears to be the ultimate payload for this attack," the researchers noted, adding the installation was followed by accessing a number of documents ranging from job descriptions to sensitive company information on the compromised machine.

Ukraine Calls Out False Flag Operation in Wiper Attacks

The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.

Subsequent investigation into the malware has since revealed that the code used in the wiper was re-purposed from a faux ransomware campaign called WhiteBlackCrypt that was aimed at Russian victims in March 2021.

Interestingly, the ransomware is known to include a trident symbol — that is part of Ukraine's coat of arms — in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "fake" pro-Ukrainian group for staging an attack on their own government.

Related news

1. Top Pentest Tools
2. Growth Hacker Tools
3. Hacker Tool Kit
4. Pentest Tools Subdomain
5. Pentest Tools Github
6. Hacker Tools
7. Beginner Hacker Tools
8. Pentest Tools Framework
9. Github Hacking Tools
10. Black Hat Hacker Tools
11. New Hack Tools
12. Pentest Tools Tcp Port Scanner
13. Easy Hack Tools
14. Pentest Reporting Tools
15. Hacking Apps
16. How To Install Pentest Tools In Ubuntu
17. Tools For Hacker
18. Hack Tools Mac
19. Pentest Tools Windows
20. Hack Tools For Ubuntu
21. Game Hacking
22. Hacking Tools For Windows
23. Pentest Tools Bluekeep
24. Hacking Tools And Software
25. Hacking Tools Name
26. Blackhat Hacker Tools
27. Hacker Tools Free Download
28. Hacker Tools
29. Hacking Tools For Mac
30. Pentest Tools Review
31. Hack Tools Pc
32. Pentest Tools Tcp Port Scanner
33. New Hack Tools
34. Beginner Hacker Tools
35. Hack Website Online Tool
36. Hack Tool Apk No Root
37. Pentest Tools Website Vulnerability
38. Hack Tools For Ubuntu
39. Bluetooth Hacking Tools Kali
40. Computer Hacker
41. Hack Tools Online
42. Tools 4 Hack
43. Hacking Tools Github
44. Growth Hacker Tools
45. Hacking Tools 2019
46. Hacker Tools Software
47. Hacker Tools
48. Hacker Tools For Mac
49. Hacking Tools For Windows Free Download
50. Pentest Tools For Mac
51. Hacker
52. Hack Tools 2019
53. Pentest Reporting Tools
54. Pentest Tools Framework
55. World No 1 Hacker Software
56. Hacking Tools Usb
57. Pentest Tools Find Subdomains
58. Blackhat Hacker Tools
59. Hack Tools
60. Hacker Tools Linux
61. Pentest Tools For Mac
62. Pentest Box Tools Download
63. Hacker Tools Hardware
64. Pentest Tools Bluekeep
65. Hacking Tools 2019
66. Hacker Tools Windows
67. Pentest Tools Android
68. Hack Tools For Mac
69. Best Hacking Tools 2019
70. Hacking Tools Download
71. Hacking Tools For Kali Linux
72. Hack Tool Apk No Root
73. Hack And Tools
74. Hacking Tools Free Download
75. Blackhat Hacker Tools
76. Hack Tools For Mac
77. Hacker Tools Github
78. Pentest Tools Review
79. Nsa Hack Tools Download
80. Hack Tools
81. Blackhat Hacker Tools
82. Hacker Tool Kit
83. Hacker Tools Hardware
84. Hack Tools 2019
85. Hacker Tools Online
86. Hacking Tools Name
87. Hack Tools Mac
88. Blackhat Hacker Tools
89. Pentest Tools Github
90. Hacking Tools Kit
91. How To Install Pentest Tools In Ubuntu
92. Hack Tools Download
93. Hacking Tools For Windows Free Download
94. Pentest Tools Android
95. Hacker Tools For Pc
96. Pentest Tools
97. Hack Tools Pc
98. Hacking Tools Mac
99. Pentest Tools Kali Linux
100. Hacker Techniques Tools And Incident Handling
101. Nsa Hacker Tools
102. Hacking Tools Name
103. What Is Hacking Tools
104. Hak5 Tools
105. Hacking Tools 2020
106. Hacking Tools 2020
107. Physical Pentest Tools
108. Hacker Tools Windows
109. Pentest Tools Website
110. Usb Pentest Tools
111. Blackhat Hacker Tools
112. Pentest Tools Online
113. Hack App
114. Hack Apps
115. Hack Tool Apk
116. Hacker Tools 2020
117. Android Hack Tools Github
118. Best Hacking Tools 2020