A Warning From Ukraine About Russian Hackers

Uploaded on 2023-03-13 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Defence, FREE TO VIEW

Ukraine's National Security and Defense Council has issued a warning that Russia is setting in motion  a large-scale cyber attack as part of its renewed military offensive in the East of the country.

This week, Ukranian CERT has released reports stating that the Russian hacker group Gamaredon, also known as UAC-0010, Primitive Bear, BlueAlpha, ACTINIUM, and Trident Ursa, is increasing its attacks. according to Ukrainian sources, the group is based in Sevastopol in Crimea and follows instructions from the Russian FSB spy agency 

Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organisations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the word "Armageddon", which was detected in the adversary's early campaigns

According to Doron Davidson, VP Global Services at Logpoint “Gamaredon has carried out several cyberattacks against Ukraine since it originated in June 2013, a few months before Russia forcibly annexed the Crimean Peninsula... We’ve recently seen significant spikes in their activities and the group remains the most active, intrusive, and pervasive APT.” 

The Ukraine State Service of Special Communication and Information Protection says that Gamaredon aims to steal information and use it for espionage  using GammaLoad and GammaSteal spyware. 

The malware is designed to attack all Windows, Linux, and Android operating systems. These malware variants are custom-made information-stealing implants that can exfiltrate files of specific extensions, steal user credentials, and take screenshots of the victim’s computer.

Logpoint’s investigation into GammaLoad and GammaSteal shows that the malware variants get delivered via spear-phishing emails from compromised government employees, including malicious HTML files, MS Office documents and phishing websites to target devices. 

Using  the right tools, Logpoint says that  Garamedon can be detected and with the use of SOAR, the threat  can be neutralized.

SCPC:       Gov.ua:        Logpoint:       Logpoint:    Suspilne Media:     MITRE:

You Might Also Read: 

Cyberwar: Lessons From Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Barcelona Hospital Knocked Offline By Ransomware
A New Tool For Protecting ML Systems Security »

CyberSecurity Jobsite
Check Point
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

North Infosec Testing (North IT)

North Infosec Testing (North IT)

North IT (North Infosec Testing) are an award-winning provider of web, software, and application penetration testing.

LockLizard

LockLizard

Locklizard provides PDF DRM software that protects PDF documents from unauthorized access and misuse. Share and sell documents securely - prevent document leakage, sharing and piracy.

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

ZenGRC

ZenGRC

ZenGRC (formerly Reciprocity) is a leader in the GRC SaaS landscape, offering robust and intuitive products designed to make compliance straightforward and efficient.

BCS, The chartered Institute for IT

BCS, The chartered Institute for IT

BCS provides IT professionals with up to date and relevant certifications enabling them to manage IT security effectively within their budget.

Praetorian

Praetorian

Praetorian is an offensive cybersecurity company whose mission is to prevent breaches before they occur.

North American Electric Reliability Corporation (NERC)

North American Electric Reliability Corporation (NERC)

NERC is a not-for-profit international regulatory authority whose mission is to assure the reliability and security of the bulk power system in North America.

Ipsidy

Ipsidy

Our identity platform enables mobile users to more easily authenticate their identity to a mobile phone or portable device of their choosing.

Datec PNG

Datec PNG

Datec is the the largest end-to-end information and communications technology solutions and services provider in Papua New Guinea.

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

Department of Justice - Computer Crime and Intellectual Property Section (CCIPS)

The Computer Crime and Intellectual Property Section (CCIPS) is responsible for implementing the Department's national strategies in combating computer and intellectual property crimes worldwide.

Gluu

Gluu

Modern Authentication for Digital Enterprise. Organizations around the world trust Gluu for large-scale, high-security identity & access management.

Netragard

Netragard

Netragard has an established reputation for providing high-quality offensive and defensive security services.

Russell Reynolds Associates

Russell Reynolds Associates

Russell Reynolds Associates is a global leadership advisory and search firm with functional expertise in Digital Leadership, Data & Analytics, and Compliance.

Squad

Squad

Squad provides leading expertise to ensure protection against the most complex cyber threats. Combining the best practices of DevOps and Cybersecurity, we are committed to create a secured cyber space

Oasis Technology

Oasis Technology

Oasis Technology are experts in cyber security. In addition to pioneering the game-changing TITAN anti-hacking device, we provide extensive cyber security consulting services.

MyKRIS Asia

MyKRIS Asia

MyKRIS specialise in providing and managing Internet network services and cyber security services to enterprises.

Astute Technology Management

Astute Technology Management

Astute Technology Management helps businesses take control of their technology and work with greater confidence.

Opal Security

Opal Security

Opal is an identity and access management platform that offers a consolidated view and control of your whole ecosystem from on-prem to cloud and SaaS.

Hunt & Hackett

Hunt & Hackett

Hunt & Hackett helps European companies prevent, detect and respond to today’s most advanced adversaries, safeguarding them against cyberthreats and espionage.

Skylark

Skylark

Skylark is a leading global IT services provider, transforming client’s businesses through innovative and advanced technology solutions.