Russia Ukraine Cyberwar
Ukraine’s Computer Emergency Response Team (CERT-UA) has warned of Belarusian state-sponsored hackers targeting its military personnel and related individuals as part of a phishing campaign mounted amidst Russia’s military invasion of the country.
“Mass phishing emails have recently been observed targeting private ‘i.ua’ and ‘meta.ua’ accounts of Ukrainian military personnel and related individuals,” the CERT-UA said. “After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages.”
Subsequently, the attacks leverage the contact information stored in the victim’s address book to propagate the phishing messages to other targets.
Hacking Groups Take Sides
The development follows a barrage of data wiper and distributed-denial-of-service (DDoS) attacks against Ukrainian government agencies, even as various hacking groups and ransomware syndicates are capitalizing on the chaos to take sides and further their activities.
“The Anonymous collective is officially in cyber war against the Russian government,” the decentralized hacktivist group tweeted, adding it “leaked the database of the Russian Ministry of Defense website.”
Hacking collective Anonymous declares cyberwar against Vladimir Putin
The Conti ransomware cartel, which recently absorbed the now-shuttered TrickBot trojan, rallied its “full support” behind the Russian government, threatening to “strike back at the critical infrastructures of an enemy” should “anybody will decide to organize a cyber attack or any war activities against Russia.”
The group, however, later rephrased its statement to state that “we do not ally with any government and we condemn the ongoing war.” But the Conti team also maintained that it “will use our full capacity to deliver retaliatory measures in case the Western warmongers attempt to target critical infrastructure in Russia or any Russian-speaking region of the world.”
Russia Ukraine Cyberwar