Ukraine Continues To Face Cyber Espionage Attacks From Russian Hackers

Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.

Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon (aka Shuckworm or Armageddon), a cyber-espionage collective known to be active since at least 2013.

In November 2021, Ukrainian intelligence agencies branded the group as a "special project" of Russia's Federal Security Service (FSB), in addition to pointing fingers at it for carrying out over 5,000 cyberattacks against public authorities and critical infrastructure located in the country.

Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo. Symantec disclosed that, between July 14, 2021 and August 18, 2021, the actor installed several variants of the backdoor as well as deployed additional scripts and tools.

"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said. The identity of the affected organization was not disclosed.

Towards the end of July, the adversary leveraged the implant to download and run an executable file that acted as a dropper for a VNC client before establishing connections with a remote command-and-control server under their control.

"This VNC client appears to be the ultimate payload for this attack," the researchers noted, adding the installation was followed by accessing a number of documents ranging from job descriptions to sensitive company information on the compromised machine.

Ukraine Calls Out False Flag Operation in Wiper Attacks

The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.

Subsequent investigation into the malware has since revealed that the code used in the wiper was re-purposed from a faux ransomware campaign called WhiteBlackCrypt that was aimed at Russian victims in March 2021.

Interestingly, the ransomware is known to include a trident symbol — that is part of Ukraine's coat of arms — in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "fake" pro-Ukrainian group for staging an attack on their own government.

Related news

1. Pentest Tools For Ubuntu
2. Hacker Tool Kit
3. Hacker Tools Apk
4. Hacker Tools For Windows
5. New Hack Tools
6. Hack Tools Pc
7. Best Pentesting Tools 2018
8. Pentest Tools Linux
9. Computer Hacker
10. Tools 4 Hack
11. Pentest Tools Subdomain
12. Usb Pentest Tools
13. Computer Hacker
14. Hacking Tools Name
15. Hacking Tools
16. Pentest Tools For Ubuntu
17. Hackrf Tools
18. Hack Tool Apk
19. Hacker Tool Kit
20. Hack Tools For Windows
21. Hacking App
22. Hacking Tools Windows
23. Pentest Reporting Tools
24. Hackers Toolbox
25. Hacking Tools For Windows Free Download
26. Hacker Tools Free
27. Hacking Tools Software
28. Best Pentesting Tools 2018
29. Pentest Tools Tcp Port Scanner
30. Pentest Tools For Mac
31. Hacker Tools
32. Hacking Tools For Pc
33. Hacking Tools For Windows Free Download
34. Pentest Tools For Mac
35. Pentest Tools Kali Linux
36. Hacker Tools Online
37. Hacker Tools Online
38. Hacker Tool Kit
39. Hacking Tools And Software
40. Pentest Tools Free
41. Nsa Hacker Tools
42. Hack App
43. Hacker Tools For Windows
44. Ethical Hacker Tools
45. Hacking Tools Github
46. Hacking Tools Hardware
47. Beginner Hacker Tools
48. How To Hack
49. Hack Tools 2019
50. Hack Tools
51. Hacking Tools 2019
52. Best Hacking Tools 2019
53. Pentest Tools Port Scanner
54. Pentest Tools Find Subdomains
55. Hacking Tools Hardware
56. Pentest Tools Bluekeep
57. Easy Hack Tools
58. Beginner Hacker Tools
59. Hacker Tools Linux
60. Hacking Tools Windows
61. Hacking Tools For Windows Free Download
62. Pentest Automation Tools
63. Pentest Tools Android
64. Hack Tools Github
65. What Is Hacking Tools
66. Hacker Search Tools
67. Hacking Tools Pc
68. Blackhat Hacker Tools
69. Usb Pentest Tools
70. Beginner Hacker Tools
71. Hacking Tools Download
72. Hacking Tools Software
73. Hacker Tools For Windows
74. Hack Website Online Tool
75. Best Hacking Tools 2020
76. Hacking Tools Pc
77. Pentest Tools Website Vulnerability
78. Hacker Tools Free Download
79. Wifi Hacker Tools For Windows
80. Hack Tools For Games
81. New Hack Tools
82. Hacker Hardware Tools
83. Pentest Tools Website Vulnerability
84. Hacking Tools 2019
85. Install Pentest Tools Ubuntu
86. Hacker
87. What Is Hacking Tools
88. How To Make Hacking Tools
89. Pentest Tools Website
90. Hacker Tool Kit
91. Pentest Tools Website
92. Hacker Tools For Pc
93. Hack Tool Apk No Root
94. Hack Tools Online
95. Hacking Tools For Windows Free Download
96. Pentest Tools Find Subdomains
97. Nsa Hack Tools
98. How To Hack
99. Hack Tools 2019
100. Black Hat Hacker Tools
101. Bluetooth Hacking Tools Kali
102. Best Pentesting Tools 2018
103. Hacking Tools For Pc
104. Game Hacking
105. Hack Tools For Windows
106. Hacker Tools Github
107. Pentest Tools Windows
108. Hackers Toolbox
109. Physical Pentest Tools
110. Pentest Tools For Windows
111. Best Hacking Tools 2019
112. Pentest Tools Open Source
113. How To Hack
114. What Are Hacking Tools
115. Underground Hacker Sites
116. Pentest Tools For Mac
117. Hacking App
118. Physical Pentest Tools
119. Termux Hacking Tools 2019
120. Top Pentest Tools
121. Hacker Search Tools
122. Hack Tools For Pc
123. Github Hacking Tools
124. Pentest Tools Subdomain
125. Android Hack Tools Github
126. Hackrf Tools
127. Hacker Tools Mac
128. Hackrf Tools
129. Hacker Hardware Tools
130. Tools Used For Hacking
131. Beginner Hacker Tools
132. Pentest Tools Website