russia
EU sanctions Russian GRU hackers for cyberattacks against Estonia
The European Union sanctioned three hackers, part of Unit 29155 of Russia’s military intelligence service (GRU), for their involvement in cyberattacks targeting Estonia’s government agencies in 2020. Today, the Council of the EU says that GRU officers Nikolay Korchagin, Vitaly Shevchenko, and Yuriy Denisov stole thousands of sensitive documents containing classified information after breaching several Estonian ministries. […]
US charges operators of cryptomixers linked to ransomware gangs
The U.S. Department of Justice indicted three operators of sanctioned Blender.io and Sinbad.io crypto mixer services used by ransomware gangs and North Korean hackers to launder ransoms and stolen cryptocurrency. Cryptocurrency mixers allow the mixing of deposited crypto assets among many wallet addresses to help obfuscate their source. The services then take a commission from […]
Russian ISP confirms Ukrainian hackers “destroyed” its network
Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them,” the […]
New FireScam Android malware poses as RuStore app to steal data
A new Android malware named ‘FireScam’ is being distributed as a premium version of the Telegram app via phishing websites on GitHub that mimick the RuStore, Russia’s app market for mobile devices. RuStore launched in May 2022 by the Russian internet group VK (VKontakte) as an alternative to Google Play and Apple’s App Store, following […]
Russian hackers use RDP proxies to steal data in MiTM attacks
The Russian hacking group tracked as APT29 (aka “Midnight Blizzard”) is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. The MiTM attacks utilized the PyRDP red team proxy tool to scan the victims’ filesystems, steal data in the background, […]
Recorded Future CEO applauds “undesirable” designation by Russia
Recorded Future, an American threat intelligence company, has become the first cybersecurity firm designated by the Russian government as an “undesirable” organization. The Russian authorities effectively banned all Recorded Future activity in the country by tagging the company “undesirable,” a label Russia introduced almost a decade ago to describe Western NGOs. Russia’s Prosecutor General’s Office said in a Wednesday […]
Russian cyberspies target Android users with new spyware
Russian cyberspies Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According to Lookout, which discovered the two malware families, BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both target Russian-speaking individuals in former Soviet states. Gamaredon (aka “Shuckworm”) is […]
Russia blocks Viber in latest attempt to censor communications
Russian telecommunications watchdog Roskomnadzor has blocked the Viber encrypted messaging app, used by hundreds of millions worldwide, for violating the country’s legislation. “Access to the Viber service is restricted due to the violation of the requirements of Russian legislation for organizers of information dissemination,” Russia’s internet regulator said in a press statement. “Compliance with the […]
Russian cyber spies hide behind other hackers to target Ukraine
Russian cyber-espionage group Turla, aka “Secret Blizzard,” is utilizing other threat actors’ infrastructure to target Ukrainian military devices connected via Starlink. Microsoft and Lumen recently exposed how the nation-state actor, who is linked to Russia’s Federal Security Service (FSB), is hijacking and using malware and servers of the Pakistani threat actor Storm-0156. Microsoft released another report […]
Romania’s election systems targeted in over 85,000 cyberattacks
A declassified report from Romania’s Intelligence Service says that the country’s election infrastructure was targeted by more than 85,000 cyberattacks. Threat actors also obtained access credentials for election-related websites and leaked them on a Russian hacker forum less than a week before the first presidential election round. Attacks originating from 33 countries The Romanian Intelligence […]