A Warning From Ukraine About Russian Hackers

Uploaded on 2023-03-13 in INTELLIGENCE-Hot Spots-Russia, GOVERNMENT-Defence, FREE TO VIEW

Ukraine's National Security and Defense Council has issued a warning that Russia is setting in motion  a large-scale cyber attack as part of its renewed military offensive in the East of the country.

This week, Ukranian CERT has released reports stating that the Russian hacker group Gamaredon, also known as UAC-0010, Primitive Bear, BlueAlpha, ACTINIUM, and Trident Ursa, is increasing its attacks. according to Ukrainian sources, the group is based in Sevastopol in Crimea and follows instructions from the Russian FSB spy agency 

Gamaredon Group is a suspected Russian cyber espionage threat group that has targeted military, NGO, judiciary, law enforcement, and non-profit organisations in Ukraine since at least 2013. The name Gamaredon Group comes from a misspelling of the word "Armageddon", which was detected in the adversary's early campaigns

According to Doron Davidson, VP Global Services at Logpoint “Gamaredon has carried out several cyberattacks against Ukraine since it originated in June 2013, a few months before Russia forcibly annexed the Crimean Peninsula... We’ve recently seen significant spikes in their activities and the group remains the most active, intrusive, and pervasive APT.” 

The Ukraine State Service of Special Communication and Information Protection says that Gamaredon aims to steal information and use it for espionage  using GammaLoad and GammaSteal spyware. 

The malware is designed to attack all Windows, Linux, and Android operating systems. These malware variants are custom-made information-stealing implants that can exfiltrate files of specific extensions, steal user credentials, and take screenshots of the victim’s computer.

Logpoint’s investigation into GammaLoad and GammaSteal shows that the malware variants get delivered via spear-phishing emails from compromised government employees, including malicious HTML files, MS Office documents and phishing websites to target devices. 

Using  the right tools, Logpoint says that  Garamedon can be detected and with the use of SOAR, the threat  can be neutralized.

SCPC:       Gov.ua:        Logpoint:       Logpoint:    Suspilne Media:     MITRE:

You Might Also Read: 

Cyberwar: Lessons From Ukraine:

___________________________________________________________________________________________

If you like this website and use the comprehensive 6,500-plus service supplier Directory, you can get unrestricted access, including the exclusive in-depth Directors Report series, by signing up for a Premium Subscription.

  • Individual £5 per month or £50 per year. Sign Up
  • Multi-User, Corporate & Library Accounts Available on Request

Cyber Security Intelligence: Captured Organised & Accessible

 

« Barcelona Hospital Knocked Offline By Ransomware
A New Tool For Protecting ML Systems Security »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

CYRIN

CYRIN

CYRIN® Cyber Range. Real Tools, Real Attacks, Real Scenarios. See why leading educational institutions and companies in the U.S. have begun to adopt the CYRIN® system.

ZenGRC

ZenGRC

ZenGRC - the first, easy-to-use, enterprise-grade information security solution for compliance and risk management - offers businesses efficient control tracking, testing, and enforcement.

MIRACL

MIRACL

MIRACL provides the world’s only single step Multi-Factor Authentication (MFA) which can replace passwords on 100% of mobiles, desktops or even Smart TVs.

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

Fuel Recruitment

Fuel Recruitment

Fuel Recruitment is a specialist recruitment company for the IT, Telecoms, Engineering, Consulting and Marketing industries.

Green Hills Software

Green Hills Software

Green Hills Software is the largest independent vendor of embedded secure software solutions for applications including the Internet of Things.

Cyber, Space, & Intelligence Association (CSIA)

Cyber, Space, & Intelligence Association (CSIA)

CSIA focuses on issues critical to Cyber Security, Military Space and Intelligence.

IABG

IABG

Activities include consulting services in the development of software systems in the area of secure information and data communication.

ThreatAdvice

ThreatAdvice

ThreatAdvice is a provider of cybersecurity education, awareness and threat intelligence.

Hornetsecurity

Hornetsecurity

Meet Hornetsecurity – Leading Cloud Email Security Provider. We protect global organizations so you can focus on what you do best.

LEADS

LEADS

LEADS is considered as a leading ICT Solution Provider and an IT partner of choice in Bangladesh.

Blockchain Solutions

Blockchain Solutions

Blockchain Solutions Limited is a technological One Stop Solution provider, for Blockchain technology.

DataTribe

DataTribe

DataTribe is a cyber startup foundry, leveraging deep experience and expertise to build and launch successful product companies.

Crypto International

Crypto International

Crypto International offers comprehensive services for the operation of our customers’ IT and communication infrastructure, with a focus on cybersecurity and encryption solutions.

Have I Been Pwned (HIBP)

Have I Been Pwned (HIBP)

Have I Been Pwned is a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach.

ARIA Cybersecurity Solutions

ARIA Cybersecurity Solutions

The ARIA ADR Automatic Detection & Response solution was designed to find, verify, and stop all types of attacks - automatically and in real time.

Epiphany Systems

Epiphany Systems

Epiphany enhances your defensive security controls by providing you with an offensive perspective. We expose the most likely attack paths to your most critical IT assets and users.

Kralos

Kralos

Kralos are an experienced team of Software and IT experts, specialized in the development of innovative cybersecurity solutions.

Silk Security

Silk Security

Silk is the first platform that enables enterprises to take a strategic, sustainable approach to resolving code, infrastructure and application risk.

SIGLA Group

SIGLA Group

SIGLA Group specialize in the design and development of IT and OT solutions, from analysis to design, from implementation to commissioning, as well as consultancy, training and assistance.