23 Dec, 2024

Russian hackers use RDP proxies to steal data in MiTM attacks

The Russian hacking group tracked as APT29 (aka “Midnight Blizzard”) is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. The MiTM attacks utilized the PyRDP red team proxy tool to scan the victims’ filesystems, steal data in the background, […]

3 mins read

Recorded Future CEO applauds “undesirable” designation by Russia

​Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an “undesirable” organization. The Russian authorities effectively banned all Recorded Future activity in the country by tagging the company “undesirable,” a label Russia introduced almost a decade ago to describe Western NGOs. Russia’s Prosecutor General’s Office said in a Wednesday […]

2 mins read

Russian cyberspies target Android users with new spyware

Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According to Lookout, which discovered the two malware families, BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both target Russian-speaking individuals in former Soviet states. Gamaredon (aka “Shuckworm”) is […]

3 mins read

Russia blocks Viber in latest attempt to censor communications

Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. “Access to the Viber service is restricted due to the violation of the requirements of Russian legislation for organizers of information dissemination,” Russia’s internet regulator said in a press statement. “Compliance with the […]

1 min read

Russian cyber spies hide behind other hackers to target Ukraine

Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. Microsoft and Lumen recently exposed how the nation-state actor, who is linked to Russia’s Federal Security Service (FSB), is hijacking and using malware and servers of the Pakistani threat actor Storm-0156. Microsoft released another report […]

4 mins read

Romania’s election systems targeted in over 85,000 cyberattacks

A declassified report from Romania’s Intelligence Service says that the country’s election infrastructure was targeted by more than 85,000 cyberattacks. Threat actors also obtained access credentials for election-related websites and leaked them on a Russian hacker forum less than a week before the first presidential election round. Attacks originating from 33 countries The Romanian Intelligence […]

3 mins read

New Android spyware found on phone seized by Russian FSB

After a Russian programmer was detained by Russia’s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. The programmer, Kirill Parubets, was arrested by the FSB after being accused of donating to Ukraine. After regaining access to his […]

3 mins read

UK disrupts Russian money laundering networks used by ransomware

​A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. Dubbed “Operation Destabilise,” this international investigation has led to the arrest of 84 Russian-speaking suspects linked to the Smart (led by Ukrainian George Rossi) and TGR (controlled by […]

3 mins read

Russia sentences Hydra dark web market leader to life in prison

Russian authorities have sentenced the leader of the criminal group behind the now-closed dark web platform Hydra Market to life in prison. Additionally, more than a dozen accomplices have been convicted for their involvement in the production and sale of nearly a ton of drugs. Stanislav Moiseyev, the group’s “organizer,” who was sentenced to life […]

3 mins read

Russia arrests cybercriminal Wazawaka for ties with ransomware gangs

Russian law enforcement has arrested and indicted notorious ransomware affiliate Mikhail Pavlovich Matveev (also known as Wazawaka, Uhodiransomwar, m1x, and Boriselcin) for developing malware and his involvement in several hacking groups. While the prosecutor’s office has yet to release any details on the individual’s identity (described as a “programmer” in court documents), the individual is […]

3 mins read