Tag: CERT-UA
APT28 Attacked Ukrainian and Polish Organizations
Recorded Future, in collaboration with CERT-UA researchers, has unveiled a recent cyber offensive orchestrated by Russian-speaking hackers affiliated with the APT28 Group (also known as Fancy Bear, BlueDelta, Sednit, and Sofacy). Their target: Roundcube mail servers of various Ukrainian organizations, including government entities. As a reminder, we previously reported on the divergence of hacker groups,…
Russian Organizations Under Attack By Chinese APTs
Unveiling a recent cyber saga, the experts at SentinelLabs have unearthed a menacing digital force, strategically homing in on Russian organizations. In their detective work, they’ve traced the sinister trail back to the notorious Chinese APT group, a revelation corroborated by the vigilant eyes at Ukraine CERT (CERT-UA). The plot thickens as the adversaries deploy…
Russian Hackers Use Follina Vulnerability to Attack Users in Ukraine
The Ukraine Computer Emergency Response Team (CERT-UA) said Russian hackers are exploiting the Follina vulnerability in new phishing campaigns to install CredoMap malware and Cobalt Strike beacons. According to experts, the APT28 hacker group (Strontium, Fancy Bear and Sofacy) sends out emails with a malicious document called “Nuclear Terrorism Is a Real Threat.rtf”. The hackers…
Ukraine Was Hit by DDoS Attacks from Hacked WordPress Sites
The Ukrainian Computer Emergency Response Team (CERT-UA) said that Ukraine was hit by large-scale DDoS attacks. CERT-UA has published a report on ongoing DDoS attacks on Ukrainian websites and a government web portal. Unknown attackers compromise WordPress sites and inject malicious JavaScript code into the HTML structure. The script is base64 encoded to avoid detection like…