Skip to main content

Russia-Ukraine War: Phishing, Malware and Hackers Groups Taking Sides.

By Editor

 




Ukraine's Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia's military invasion of the country.


"Mass phishing emails have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related individuals," the CERT-UA said. "After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages."


Subsequently, the attacks leverage the contact information stored in the victim's address book to propagate the phishing messages to other targets.




The Ukrainian government attributed the activities to a threat actor tracked as UNC1151, a Minsk-based group whose "members are officers of the Ministry of Defence of the Republic of Belarus." In a follow-up update, the agency said the nation-state group also targets its own citizens, while simultaneously setting its sights on Russian entities –


Association of Belarusians of the World (International Social Union)

Belarusian Music Festival

Samara Oblasna Public Organization "Russian-Belarusian Fraternity 2000"

Dzêâslov, a Belarusian literary magazine

Soviet Belarus (Sovetskaya Belorussiya), a daily newspaper in Belarus

Employees of the National Academy of the Republic of Kazakhstan, and

Voice of the Motherland, a local newspaper in Belarus

UNC1151 is the Mandiant-assigned moniker to an uncategorized threat cluster, which operates with objectives that are aligned with Belarusian government interests. The hacking group is believed to have been active since at least 2016.



"UNC1151 has targeted a wide variety of governmental and private sector entities, with a focus in Ukraine, Lithuania, Latvia, Poland, and Germany," Mandiant researchers said in a November 2021 report. "The targeting also includes Belarusian dissidents, media entities, and journalists."


The state-backed cyber espionage group has also been linked to the Ghostwriter disinformation campaign that promulgated anti-NATO and corruption-themed narratives aimed at Lithuania, Latvia, and Poland with the likely goal of undermining the governments and creating tensions in the region.


What's more, the January defacement attacks of several Ukrainian government websites with threatening messages is believed to be the handiwork of UNC1151 as well.


Hacking Groups Take Sides

The development follows a barrage of data wiper and distributed-denial-of-service (DDoS) attacks against Ukrainian government agencies, even as various hacking groups and ransomware syndicates are capitalizing on the chaos to take sides and further their activities.



"The Anonymous collective is officially in cyber war against the Russian government," the decentralized hacktivist group tweeted, adding it "leaked the database of the Russian Ministry of Defense website."


Prevent Data Breaches

Another group that has declared its fealty to Ukraine is the vigilante group known as GhostSec (short for Ghost Security), which announced it had flooded Russian military websites with DDoS attacks "in support of the people in Ukraine."



The Conti ransomware cartel, which recently absorbed the now-shuttered TrickBot trojan, rallied its "full support" behind the Russian government, threatening to "strike back at the critical infrastructures of an enemy" should "anybody will decide to organize a cyber attack or any war activities against Russia."


The group, however, later rephrased its statement to state that "we do not ally with any government and we condemn the ongoing war." But the Conti team also maintained that it "will use our full capacity to deliver retaliatory measures in case the Western warmongers attempt to target critical infrastructure in Russia or any Russian-speaking region of the world."


Other hacking entities to declare allegiance to Russia are the RedBanditsRU cybercrime group and the lesser-known CoomingProject ransomware program, which pledged to "help the Russian government if cyber attacks and conduct against Russia."


#THN


#osutayusuf

Comments

  1. sam28 February 2022 at 12:34

    Thanks for sharing the information with us. I hope you will share some more information about Russia and Ukraine war. Please keep sharing!
    Best visa and travel agency

    ReplyDelete

Post a Comment

Popular posts from this blog

UGANDA ELECTORAL COMMISSION TO ELIMINATE NATIONAL IDENTIFICATION CARDS (IDs) FOR 2021 GENERAL ELECTIONS.

By Editor
The elimination of using National IDs (Ndagamuntu) for the 2021 elections should not have come as a surprise. One would be very NAIVE to think that Bobi Wine has not prepared for this in his Business Plan under the RISK section. It is public knowledge that our EC is not independent.  It is also public knowledge that Military Dictator Yoweri Museveni will never lose an election. What stunned us this morning is when we noticed that on social media, people were mocking Bobi with his "get your Ndagamuntu".  We are on record for saying to all Our readers that the National ID is like Apartheid in South Africa. Students of History would know how those IDs were being used to arrest people, deny them jobs, deny them basic services. Consequently, Bobi was not wrong and will never be wrong on the Ndagamuntu. Except the ones attacking him and mocking him forget that in Uganda, now, no National ID (Ndagamuntu), no service.  If you have not been denied registering your child i...
Post a Comment
Read more

Here is Why Our Utterances For Praying Jesus And God To Come Liberate Ugandans, May Be Misplaced. This Phrase is like inform of a Letter To Some Categorized Section Of Ugandans.

By Editor
https://m.facebook.com/yusufosuta/photos/a.1896701010557789/2070383359856219/?type=3 OPEN LETTER TO NRM SUPPORTERS - NATIONAL ROBBERS MOVEMENT. .................................................................................. Last week of March, a friend told me to pray for Uganda.  I told him that he was an Idiot and we have prayed for too long and we are still hungry and sick and Jesus is not coming soon to liberate us. He then ignored the STUPID and sent me a picture we all now know.  It got me totally messed up.  This guy was telling me to pray then sends a picture of men bowing down in blood.  He might have meant guns but I blocked him because his utterances of praying for Uganda were misplaced. I unblocked him 3 weeks later and asked him about praying and assassinations.  His reply "eithrr prayers or guns or both". I hate violence with a passion.  So he is now blocked in like FOREVER. Do you feel safe?  Do not feel safe. Uganda regim...
Post a Comment
Read more

The Full List of Permanent Secretaries Appointed by President Museveni.

By Editor
By virtue of the Powers given to the President by Article 174 (2) of the 1995 Constitution of the Republic of Uganda, I hereby, appoint the following as Permanent Secretaries as indicated below: 1. Head of Public Service and Secretary to Cabinet- Lucy Nakyobe 2. Deputy Head of Public Service And Secretary to Cabinet - Deborah Katuramu 3. State House Comptroller - Jane Barekye 4. Principal Private Secretary to the President- Dr. Kenneth Omona 5. Principal Private Secretary to H.E. the Vice President - Alex Kakooza 6.  Office of the Prime Minister - Keith Muhakanizi 7.  Office of the President - Yunus Kakande 8.  Ministry of Agriculture, Animal - Industry and Fisheries David Kyomukama Kasura (Maj. Gen.) 9.  Ministry of Defence and Veteran Affairs- Rosette Byengoma 10. Ministry of Education and Sports -       Kate Lamaro  11. Ministry of Energy and Mineral Development -   Batebe Irene  12. Ministry of Foreign Affairs - Vincent Bag...
Post a Comment
Read more