Skip to main content

Russia-Ukraine War: Phishing, Malware and Hackers Groups Taking Sides.

By Editor

 




Ukraine's Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia's military invasion of the country.


"Mass phishing emails have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related individuals," the CERT-UA said. "After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages."


Subsequently, the attacks leverage the contact information stored in the victim's address book to propagate the phishing messages to other targets.




The Ukrainian government attributed the activities to a threat actor tracked as UNC1151, a Minsk-based group whose "members are officers of the Ministry of Defence of the Republic of Belarus." In a follow-up update, the agency said the nation-state group also targets its own citizens, while simultaneously setting its sights on Russian entities –


Association of Belarusians of the World (International Social Union)

Belarusian Music Festival

Samara Oblasna Public Organization "Russian-Belarusian Fraternity 2000"

Dzêâslov, a Belarusian literary magazine

Soviet Belarus (Sovetskaya Belorussiya), a daily newspaper in Belarus

Employees of the National Academy of the Republic of Kazakhstan, and

Voice of the Motherland, a local newspaper in Belarus

UNC1151 is the Mandiant-assigned moniker to an uncategorized threat cluster, which operates with objectives that are aligned with Belarusian government interests. The hacking group is believed to have been active since at least 2016.



"UNC1151 has targeted a wide variety of governmental and private sector entities, with a focus in Ukraine, Lithuania, Latvia, Poland, and Germany," Mandiant researchers said in a November 2021 report. "The targeting also includes Belarusian dissidents, media entities, and journalists."


The state-backed cyber espionage group has also been linked to the Ghostwriter disinformation campaign that promulgated anti-NATO and corruption-themed narratives aimed at Lithuania, Latvia, and Poland with the likely goal of undermining the governments and creating tensions in the region.


What's more, the January defacement attacks of several Ukrainian government websites with threatening messages is believed to be the handiwork of UNC1151 as well.


Hacking Groups Take Sides

The development follows a barrage of data wiper and distributed-denial-of-service (DDoS) attacks against Ukrainian government agencies, even as various hacking groups and ransomware syndicates are capitalizing on the chaos to take sides and further their activities.



"The Anonymous collective is officially in cyber war against the Russian government," the decentralized hacktivist group tweeted, adding it "leaked the database of the Russian Ministry of Defense website."


Prevent Data Breaches

Another group that has declared its fealty to Ukraine is the vigilante group known as GhostSec (short for Ghost Security), which announced it had flooded Russian military websites with DDoS attacks "in support of the people in Ukraine."



The Conti ransomware cartel, which recently absorbed the now-shuttered TrickBot trojan, rallied its "full support" behind the Russian government, threatening to "strike back at the critical infrastructures of an enemy" should "anybody will decide to organize a cyber attack or any war activities against Russia."


The group, however, later rephrased its statement to state that "we do not ally with any government and we condemn the ongoing war." But the Conti team also maintained that it "will use our full capacity to deliver retaliatory measures in case the Western warmongers attempt to target critical infrastructure in Russia or any Russian-speaking region of the world."


Other hacking entities to declare allegiance to Russia are the RedBanditsRU cybercrime group and the lesser-known CoomingProject ransomware program, which pledged to "help the Russian government if cyber attacks and conduct against Russia."


#THN


#osutayusuf

Comments

  1. sam28 February 2022 at 12:34

    Thanks for sharing the information with us. I hope you will share some more information about Russia and Ukraine war. Please keep sharing!
    Best visa and travel agency

    ReplyDelete

Post a Comment

Popular posts from this blog

How to Host a Website for Free From Your PC or Laptop.

By Editor
Why pay for a web hosting service when your old computer can do the same thing? Learn how to self-host your site. If you're planning to launch a website but don't want to pay recurring monthly or annual hosting fees, you can use any old laptop or desktop PC to host a website for free. It's a great way to utilize your old system instead of throwing it away. In this guide, we will install and set up services on our 10-year-old laptop to host a WordPress, Joomla, or custom HTML or PHP-based website with a free SSL certificate. MAKEUSEOF VIDEO OF THE DAY Things You Will Need to Host a Website Following are the pre-requisites to host a website for free from home with just your computer: An old laptop or PC running Ubuntu Server. A registered domain name for your website Ethernet cable to connect the laptop or PC to router for reliable and fast connection Step 1: Update and Upgrade the Packages After  installing Ubuntu Server on your computer , execute the following c...
Post a Comment
Read more

We Bring You Brief Series of Sanctions Against Uganda Government Officials.

By Editor
📸: Gen Abel Kandiho. On 9-December-2021, USA slapped sanctions against the then CMI Commander Gen Abel Kandiho. 📸: Gen Kale Kayihura. On 9-December-2022, UK slapped sanctions against former Police Boss Gen Kale Kayihura. 📸: Commissioner General of Prisons, Johnson Byabashaija. Again on this 4-December-2023, the same USA has slapped sanctions against Uganda Prisons Commander Johnson Byabashaija over alleged torture and human rights abuses in Prisons across Uganda. We ask, has USA and UK made December as an LCM to slap sanctions against high ranking government officials in Uganda even when the sanctions just remain on paper without deeper investigations to ascertain logical conclusions or remedy to that effect ?. #iip_updates  #Information_is_Power  #we_inform_the_uninformed
Post a Comment
Read more

UGANDA ELECTORAL COMMISSION TO ELIMINATE NATIONAL IDENTIFICATION CARDS (IDs) FOR 2021 GENERAL ELECTIONS.

By Editor
The elimination of using National IDs (Ndagamuntu) for the 2021 elections should not have come as a surprise. One would be very NAIVE to think that Bobi Wine has not prepared for this in his Business Plan under the RISK section. It is public knowledge that our EC is not independent.  It is also public knowledge that Military Dictator Yoweri Museveni will never lose an election. What stunned us this morning is when we noticed that on social media, people were mocking Bobi with his "get your Ndagamuntu".  We are on record for saying to all Our readers that the National ID is like Apartheid in South Africa. Students of History would know how those IDs were being used to arrest people, deny them jobs, deny them basic services. Consequently, Bobi was not wrong and will never be wrong on the Ndagamuntu. Except the ones attacking him and mocking him forget that in Uganda, now, no National ID (Ndagamuntu), no service.  If you have not been denied registering your child i...
Post a Comment
Read more