Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.
Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon (aka Shuckworm or Armageddon), a cyber-espionage collective known to be active since at least 2013.
In November 2021, Ukrainian intelligence agencies branded the group as a "special project" of Russia's Federal Security Service (FSB), in addition to pointing fingers at it for carrying out over 5,000 cyberattacks against public authorities and critical infrastructure located in the country.
Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo. Symantec disclosed that, between July 14, 2021 and August 18, 2021, the actor installed several variants of the backdoor as well as deployed additional scripts and tools.
"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said. The identity of the affected organization was not disclosed.
Towards the end of July, the adversary leveraged the implant to download and run an executable file that acted as a dropper for a VNC client before establishing connections with a remote command-and-control server under their control.
"This VNC client appears to be the ultimate payload for this attack," the researchers noted, adding the installation was followed by accessing a number of documents ranging from job descriptions to sensitive company information on the compromised machine.
Ukraine Calls Out False Flag Operation in Wiper Attacks
The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.
Subsequent investigation into the malware has since revealed that the code used in the wiper was re-purposed from a faux ransomware campaign called WhiteBlackCrypt that was aimed at Russian victims in March 2021.
Interestingly, the ransomware is known to include a trident symbol — that is part of Ukraine's coat of arms — in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "fake" pro-Ukrainian group for staging an attack on their own government.
Continue reading
- Hacker Tools Linux
- Pentest Reporting Tools
- Top Pentest Tools
- Hack Tools 2019
- Hacker Tools Linux
- Pentest Tools Url Fuzzer
- Pentest Tools Url Fuzzer
- Hacker Tools 2019
- Bluetooth Hacking Tools Kali
- Pentest Tools Port Scanner
- Hacker Tools For Windows
- Hack Tools Mac
- Hacker Tools Mac
- Easy Hack Tools
- New Hacker Tools
- What Is Hacking Tools
- Pentest Tools Github
- Pentest Tools List
- Hacking Tools Kit
- Pentest Recon Tools
- Pentest Tools List
- Best Hacking Tools 2020
- Pentest Tools Website
- Beginner Hacker Tools
- Github Hacking Tools
- Hacking Tools Github
- Hacking Tools Hardware
- Hacking Tools Hardware
- Hack Tools For Mac
- Pentest Tools Subdomain
- Pentest Tools Nmap
- Physical Pentest Tools
- Pentest Tools Kali Linux
- Hackers Toolbox
- Install Pentest Tools Ubuntu
- Pentest Tools Github
- Pentest Box Tools Download
- Pentest Tools Windows
- Hack Tools For Ubuntu
- Hacker Tools For Mac
- Hacker Tools
- Best Hacking Tools 2020
- Easy Hack Tools
- Hack Tools Github
- Hack Tools For Windows
- Hacking Tools For Windows
- Install Pentest Tools Ubuntu
- Hack Tools For Ubuntu
- Hacking Tools Free Download
- Hack Tools Github
- Hack Tools For Ubuntu
- Hacking Tools For Games
- Hacker Tools Free
- Pentest Tools For Ubuntu
- Hacking Tools For Pc
- Hacker Techniques Tools And Incident Handling
- Hacking Tools For Mac
- Free Pentest Tools For Windows
- Pentest Tools Website
- Pentest Tools Windows
- New Hack Tools
- Hacker Security Tools
- Tools Used For Hacking
- Hacker Tools Apk
- Hacker Tools Windows
- Hacking Tools 2020
- Pentest Tools For Windows
- Pentest Tools Website Vulnerability
- Hacking Tools 2020
- Physical Pentest Tools
- Pentest Tools Github
- Hacking Tools For Pc
- Hack Tools For Mac
- Growth Hacker Tools
- Hacking Tools For Windows Free Download
- Hacker Tools List
- Pentest Tools Android
- Github Hacking Tools
- Hacking Tools Windows 10
- Pentest Tools List
- Kik Hack Tools
- Pentest Tools Framework
- Pentest Tools Windows
- Tools 4 Hack
- Hacker Tools For Windows
- Hack Tools
- Hacker Tool Kit
- Install Pentest Tools Ubuntu
- Pentest Tools For Mac
- Hack Tool Apk No Root
- Physical Pentest Tools
- Beginner Hacker Tools
- Hack Tools Mac
- Pentest Tools Apk
- Hack Tools Mac
- Hacker Tools 2020
- Nsa Hack Tools
- Pentest Tools Windows
- Hacker Tools Mac
- Hacker Tools For Ios
- Hacking Tools For Pc
- Best Pentesting Tools 2018
- Hack Tools Online
- Hacker Tools Mac
- Hacking Tools For Beginners
- Usb Pentest Tools
- Pentest Automation Tools
- Hack Tools For Games
- Wifi Hacker Tools For Windows
- Hacking Tools For Pc
No comments:
Post a Comment