Cybersecurity researchers on Monday said they uncovered evidence of attempted attacks by a Russia-linked hacking operation targeting a Ukrainian entity in July 2021.
Broadcom-owned Symantec, in a new report published Monday, attributed the attacks to an actor tracked as Gamaredon (aka Shuckworm or Armageddon), a cyber-espionage collective known to be active since at least 2013.
In November 2021, Ukrainian intelligence agencies branded the group as a "special project" of Russia's Federal Security Service (FSB), in addition to pointing fingers at it for carrying out over 5,000 cyberattacks against public authorities and critical infrastructure located in the country.
Gamaredon attacks typically originate with phishing emails that trick the recipients into installing a custom remote access trojan called Pterodo. Symantec disclosed that, between July 14, 2021 and August 18, 2021, the actor installed several variants of the backdoor as well as deployed additional scripts and tools.
"The attack chain began with a malicious document, likely sent via a phishing email, which was opened by the user of the infected machine," the researchers said. The identity of the affected organization was not disclosed.
Towards the end of July, the adversary leveraged the implant to download and run an executable file that acted as a dropper for a VNC client before establishing connections with a remote command-and-control server under their control.
"This VNC client appears to be the ultimate payload for this attack," the researchers noted, adding the installation was followed by accessing a number of documents ranging from job descriptions to sensitive company information on the compromised machine.
Ukraine Calls Out False Flag Operation in Wiper Attacks
The findings come amidst a wave of disruptive and destructive attacks levied against Ukrainian entities by alleged Russian state-sponsored actors, resulting in the deployment of a file wiper dubbed WhisperGate, around the same time multiple websites belonging to the government were defaced.
Subsequent investigation into the malware has since revealed that the code used in the wiper was re-purposed from a faux ransomware campaign called WhiteBlackCrypt that was aimed at Russian victims in March 2021.
Interestingly, the ransomware is known to include a trident symbol — that is part of Ukraine's coat of arms — in the ransom note it displays to its victims, leading Ukraine to suspect that this may have been a false flag operation deliberately intended to blame a "fake" pro-Ukrainian group for staging an attack on their own government.
- Nsa Hack Tools
- Pentest Tools Framework
- Hack And Tools
- Hacker Tools Hardware
- Hacking Tools Windows 10
- New Hacker Tools
- Physical Pentest Tools
- Pentest Tools
- Hacking Tools Software
- Hack Tool Apk No Root
- Pentest Tools Open Source
- Hacker Tools
- Underground Hacker Sites
- Hackers Toolbox
- Tools For Hacker
- Hacker Tools Free Download
- Hacker Tools Software
- Hack Tools For Mac
- Hacking Tools Usb
- Hacker Tools Online
- Growth Hacker Tools
- Tools For Hacker
- Pentest Automation Tools
- Pentest Tools Framework
- Pentest Tools Alternative
- Hack Tool Apk
- Tools 4 Hack
- Hack And Tools
- Pentest Tools Tcp Port Scanner
- Hacker Tools Linux
- Tools For Hacker
- Hacking Tools And Software
- Hacker Security Tools
- Hacking Tools 2020
- Pentest Tools Open Source
- How To Hack
- Hack Tools Download
- Pentest Tools Framework
- Computer Hacker
- Best Pentesting Tools 2018
- Easy Hack Tools
- Hack Website Online Tool
- Hack And Tools
- Hack Tools 2019
- Hacker Tools Windows
- Hacking Tools Online
- Pentest Box Tools Download
- Hacking Tools Mac
- Pentest Tools For Mac
- Hacking Tools For Windows
- Hacker Tools For Ios
- Pentest Automation Tools
- Pentest Tools Review
- Install Pentest Tools Ubuntu
- Android Hack Tools Github
- Hacking Tools For Pc
- Termux Hacking Tools 2019
- Pentest Reporting Tools
- Game Hacking
- Pentest Tools Find Subdomains
- Hack Tools
- Hacker Tools Software
- Pentest Tools Website Vulnerability
- Hacker Tools Free Download
- Hacking Tools For Beginners
- Hack Tool Apk
- How To Make Hacking Tools
- Best Hacking Tools 2020
- Growth Hacker Tools
- Install Pentest Tools Ubuntu
- Pentest Tools Website
- Hacking Tools Github
- Hacking Tools Windows
- Bluetooth Hacking Tools Kali
- Pentest Tools List
- Hackers Toolbox
- Hacking Tools For Windows Free Download
- Pentest Automation Tools
- Best Pentesting Tools 2018
- Hacker Tools For Pc
- Ethical Hacker Tools
- Hack Tools Online
- Best Pentesting Tools 2018
- Top Pentest Tools
- Best Hacking Tools 2020
- Computer Hacker
- Hacking Tools And Software
- Hacker Tools Hardware
- Pentest Tools Framework
- Hack Tools
- Pentest Tools Subdomain
- Hack Tools For Games
- Pentest Tools Review
- Hackers Toolbox
- Hack Tools Mac
- Pentest Tools Website
- Hacking Tools Github
- Hacking Tools For Windows Free Download
- Pentest Tools Alternative
- Termux Hacking Tools 2019
- Hacker Tools For Pc
- Pentest Tools Review
- Tools For Hacker
- Hacker Tools For Windows
- Hacker Tools For Mac
- Hacker Hardware Tools
- Pentest Tools Website Vulnerability
- Pentest Tools Alternative
- Pentest Tools Apk
- Best Hacking Tools 2020
- Hacker Tools
- Hacking Tools Kit
- Tools 4 Hack
- Kik Hack Tools
- Hack Apps
- Hack Tools For Ubuntu
- Tools 4 Hack
- Pentest Tools
- Hack And Tools
- Hacker Tools For Ios
- Hacker Techniques Tools And Incident Handling
- Hacking Tools Hardware
- Computer Hacker
- Top Pentest Tools
- Pentest Tools Subdomain
- Pentest Tools Nmap
- Pentest Tools Bluekeep
- Pentest Tools Apk
- Top Pentest Tools
- Pentest Tools Review
- Tools Used For Hacking
- Hacker Tools For Windows
- Hacker Tools Windows
- Hack Tools Github
- Hacker Tools For Pc
- Hacking Tools Pc
- Hacker
- Free Pentest Tools For Windows
- Pentest Tools Online
- Hacker Tools Free Download
No comments:
Post a Comment