February 21, 2024 at 01:15AM
A recently discovered influence operation targeted Ukraine, using spam emails to spread war-related disinformation. Slovak cybersecurity company ESET linked the activity to Russia-aligned threat actors, uncovering spear-phishing campaigns and disinformation emails with PDF attachments. The campaign, named Operation Texonto, sent messages to Ukrainian government, energy companies, and individuals, while also targeting Ukrainian speakers in other European nations. The operation extended to a pharmacy scam, indicating the threat actors’ shift towards financial gain.
Based on the meeting notes, a phishing attack and disinformation campaign known as Operation Texonto has been discovered targeting Ukraine. The campaign has exhibited a history of spear-phishing attacks aimed at Ukrainian and European organizations, with the emails containing PDF attachments related to heating interruptions, drug shortages, and food shortages.
The disinformation operation took place in November and December 2023, and the email messages were sent from a domain masquerading as the Ministry of Agrarian Policy and Food of Ukraine, while containing content related to drug shortages misusing the logo of the Ministry of Health of Ukraine.
The second disinformation email campaign targeted Ukrainian speakers in other European nations and suggested extreme actions to avoid military deployment. Furthermore, one of the domains used in the phishing emails also engaged in sending spam messages redirecting potential victims to a fake Canadian pharmacy website.
The meeting notes also mention that Meta took down three networks engaging in coordinated inauthentic behavior, but none of the networks were from Russia. Additionally, Russian state media outlets have shifted focus from political content to non-political infotainment and self-promotional narratives about Russia.
The meeting notes provide a detailed account of the phishing attack and disinformation campaign, along with related developments from Meta and Russian state media outlets.