Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.
Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon (aka Shuckworm or Armageddon), a cyber-espionage collective known to be active since at least 2013.
In November 2021, Ukrainian intelligence agencies branded the group as a "special project" of Russia's Federal Security Service (FSB), in addition to pointing fingers at it for carrying out over 5,000 cyberattacks against public authorities and critical infrastructure located in the country.
Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo. Symantec disclosed that, between July 14, 2021 and August 18, 2021, the actor installed several variants of the backdoor as well as deployed additional scripts and tools.
"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said. The identity of the affected organization was not disclosed.
Towards the end of July, the adversary leveraged the implant to download and run an executable file that acted as a dropper for a VNC client before establishing connections with a remote command-and-control server under their control.
"This VNC client appears to be the ultimate payload for this attack," the researchers noted, adding the installation was followed by accessing a number of documents ranging from job descriptions to sensitive company information on the compromised machine.
Ukraine Calls Out False Flag Operation in Wiper Attacks
The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.
Subsequent investigation into the malware has since revealed that the code used in the wiper was re-purposed from a faux ransomware campaign called WhiteBlackCrypt that was aimed at Russian victims in March 2021.
Interestingly, the ransomware is known to include a trident symbol — that is part of Ukraine's coat of arms — in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "fake" pro-Ukrainian group for staging an attack on their own government.
Read more
- Hacking Tools Kit
- Pentest Tools Free
- Pentest Tools Website
- How To Install Pentest Tools In Ubuntu
- Hacking Tools Hardware
- Pentest Tools
- Wifi Hacker Tools For Windows
- Hacker Tools Linux
- Hack Tool Apk
- Pentest Tools Subdomain
- Pentest Tools List
- Growth Hacker Tools
- Hak5 Tools
- Hacker
- Blackhat Hacker Tools
- New Hacker Tools
- Hacking Tools Windows 10
- Pentest Tools For Ubuntu
- How To Install Pentest Tools In Ubuntu
- Hak5 Tools
- How To Make Hacking Tools
- Pentest Recon Tools
- Hacking Tools For Kali Linux
- Hacking Tools For Pc
- Hak5 Tools
- Growth Hacker Tools
- Pentest Tools Github
- Best Hacking Tools 2020
- Pentest Recon Tools
- Pentest Tools Alternative
- Hacking Tools 2020
- What Is Hacking Tools
- Hacker Tools Apk Download
- Hack Tools For Windows
- Pentest Reporting Tools
- Hacking Tools Mac
- Hacking Tools Hardware
- Pentest Tools Linux
- New Hacker Tools
- Hack Tools
- Hacker Search Tools
- Pentest Tools Alternative
- Pentest Tools For Windows
- Hackers Toolbox
- Hack Tools
- Hacker
- Hacking Tools Windows
- Easy Hack Tools
- New Hack Tools
- Hacker Tools Linux
- Hacker Security Tools
- Kik Hack Tools
- How To Make Hacking Tools
- Pentest Recon Tools
- Hacker Security Tools
- Game Hacking
- Hack Tool Apk No Root
- Hacker Tools Windows
- Hacking Tools Name
- Hack Tools For Mac
- Easy Hack Tools
- Hacker Tools Mac
- Hacking Tools For Windows 7
- Hack Tools Github
- Hacking Tools Usb
- Hackers Toolbox
- Hacking Tools For Mac
- Hacking Tools Hardware
- Hacking Tools Windows
- Pentest Tools Alternative
- Hacker Tools Free
- Hacker Tools For Pc
- Hacking Tools Kit
- Pentest Tools For Android
- Best Hacking Tools 2020
- Hacking Tools For Pc
- Hack Tools 2019
- Pentest Tools Website
- Pentest Tools Kali Linux
- Hacking Tools For Mac
- Hacker Techniques Tools And Incident Handling
- Game Hacking
- Tools Used For Hacking
- Pentest Tools Nmap
- How To Hack
- Hacking Tools For Pc
- Hacking Tools Download
- Hacking Tools Kit
- Hacking Tools For Games
- Hackers Toolbox
- Hack Tools
- Nsa Hack Tools Download
- Ethical Hacker Tools
- Hacking Tools Usb
- Hacker Hardware Tools
- Hack Rom Tools
- Hacker Tools Windows
- Pentest Tools Find Subdomains
- Hackers Toolbox
- Hacker Tools Apk Download
- Hacker Tools For Windows
- Pentest Tools Android
- Hack Tool Apk
- Game Hacking
- Pentest Tools For Mac
- Pentest Tools Apk
- Hacking Tools Mac
- Hacker Tools For Mac
- Hacker Search Tools
- Hacking Tools Pc
- Pentest Tools Tcp Port Scanner
- Hacker Tools 2019
- Hacking Tools Windows 10
- Hackrf Tools
- Hacker Search Tools
- Pentest Tools Website Vulnerability
- Hacking Tools Windows
- Android Hack Tools Github
- Pentest Tools Apk
- Hacking Tools Software
- Hacking Tools
- Hacker Tools List
- Pentest Tools Subdomain
- Beginner Hacker Tools
- Hack Tools For Mac
- Pentest Reporting Tools
- Hacker Tools List
- Best Hacking Tools 2020
- Hacker Tools Apk Download
- Hacking Tools For Windows Free Download
- Android Hack Tools Github
- Hack Tools Online
- Pentest Tools Online
- Hack And Tools
- Hack Rom Tools
- Hacking Tools For Windows 7
No comments:
Post a Comment