#Ukraine – Xynik

SPECTR Malware Targets Ukraine Defense Forces in SickSync Campaign

June 7, 2024 by Xynik

June 7, 2024 at 03:54AM Ukraine’s CERT-UA warns of cyber attacks targeting defense forces with SPECTR malware, part of espionage campaign SickSync. Attacks attributed to UAC-0020 (Vermin), associated with Luhansk People’s Republic. SPECTR steals information by grabbing screenshots, harvesting files, and stealing credentials. Vermin group observed previously orchestrating phishing campaigns using SPECTR. CERT-UA also warned … Read more

FlyingYeti phishing crew grounded after abominable Ukraine attacks

May 31, 2024 by Xynik

May 31, 2024 at 02:38AM Cloudflare’s threat intel team thwarted a month-long phishing and espionage attack targeting Ukraine, attributed to Russia-aligned group FlyingYeti. The attack targeted financially strained citizens after a government moratorium on evictions and utility disconnections ended. Cloudforce One stopped the threat, but the target base might have been vast. FlyingYeti intended to … Read more

FlyingYeti Exploits WinRAR Vulnerability to Deliver COOKBOX Malware in Ukraine

May 30, 2024 by Xynik

May 30, 2024 at 01:27PM Cloudflare disrupted a phishing campaign by Russia-aligned threat actor FlyingYeti targeting Ukraine. The campaign used debt-themed lures to distribute the PowerShell malware COOKBOX. Cloudforce One identified the campaign in mid-April 2024, involving Cloudflare Workers and GitHub, and exploiting a WinRAR vulnerability. Another financially motivated group, UAC-0006, was also identified by … Read more

Russian Sandworm hackers targeted 20 critical orgs in Ukraine

April 22, 2024 by Xynik

April 22, 2024 at 08:34AM The Russian hacker group Sandworm, also known as BlackEnergy, Seashell Blizzard, Voodoo Bear, and APT44, carried out disruptive cyberattacks on critical infrastructure in Ukraine. The attacks targeted energy, water, and heating suppliers, exploiting weaknesses in cybersecurity practices. CERT-UA conducted counter-cyberattack operations from March 7 to March 15, 2024, and identified … Read more

Nigeria & Romania Ranked Among Top Cybercrime Havens

April 18, 2024 by Xynik

April 18, 2024 at 04:03AM Cybercrime experts surveyed reveal expected leaders Russia, Ukraine, and China as top cybercrime-producing nations, along with surprising results. Based on the meeting notes, the clear takeaway is that the top cybercrime-producing nations, according to a survey of experts, include expected leaders Russia, Ukraine, and China, as well as some surprises. … Read more

Kremlin’s Sandworm blamed for cyberattacks on US, European water utilities

April 17, 2024 by Xynik

April 17, 2024 at 04:04PM The notorious Russian military cyber unit, Sandworm, linked to GRU intelligence, engaged in cyberattacks on US and European water and hydroelectric utilities, causing disruptions and a water tank overflow. The group has targeted Ukraine and also impacted US and European critical infrastructure. Mandiant warned of the ongoing threat posed by … Read more

U.S. Sanctions 3 Cryptocurrency Exchanges for Helping Russia Evade Sanctions

March 26, 2024 by Xynik

March 26, 2024 at 05:09AM The US Department of the Treasury’s Office of Foreign Assets Control (OFAC) imposed sanctions on three cryptocurrency exchanges for aiding in circumventing economic restrictions on Russia following its invasion of Ukraine. The designations cover thirteen entities and two individuals operating in the Russian financial services and technology sectors, freezing their … Read more

Ukraine Arrests Trio for Hijacking Over 100 Million Email and Instagram Accounts

March 20, 2024 by Xynik

March 20, 2024 at 03:54AM Ukraine’s Cyber Police arrested three individuals for hijacking 100M emails and Instagram accounts, facing up to 15 years in prison if convicted. The group carried out brute-force attacks to take over accounts and sold the credentials on the dark web. In the U.S., Robert Purbeck pleaded guilty to breaching entities … Read more

Army Vet Spills National Secrets to Fake Ukrainian Girlfriend

March 5, 2024 by Xynik

March 5, 2024 at 05:08PM David Franklin Slater, a US Air Force civilian employee, faces charges for disclosing secret information after falling for a romance scam online. With a top-secret security clearance, he transmitted classified national defense information to a person in Ukraine. If convicted, he faces a maximum penalty of 10 years and a … Read more

German defense chat overheard by Russian eavesdroppers on Cisco’s WebEx

March 4, 2024 by Xynik

March 4, 2024 at 12:54PM The German Ministry of Defense has confirmed the authenticity of leaked recordings of high-ranking officials discussing Ukraine’s war efforts. The call was hosted on Cisco’s WebEx platform and possibly intercepted by a Russian agent. Discussions reveal potential support for Ukraine, including supplying Taurus missiles. Russia has used the leak to … Read more