Browsing tag
The Russian-speaking cybercrime group called RedCurl is leveraging a legitimate Microsoft Windows component called the Program Compatibility Assistant (PCA) to execute malicious commands. “The Program Compatibility Assistant Service (pcalua.exe) is a Windows service designed to identify and address compatibility issues with older programs,” Trend Micro said in an analysis published this month. “Adversaries can exploit […]
The Computer Emergency Response Team of Ukraine (CERT-UA) has revealed that threat actors “interfered” with at least 11 telecommunication service providers in the country between May and September 2023. The agency is tracking the activity under the name UAC-0165, stating the intrusions led to service interruptions for customers. The starting point of the attacks is […]
The Russian nation-state actor known as BlueBravo has been observed targeting diplomatic entities throughout Eastern Europe with the goal of delivering a new backdoor called GraphicalProton, exemplifying the continuous evolution of the threat. The phishing campaign is characterized by the use of legitimate internet services (LIS) for command-and-control (C2) obfuscation, Recorded Future said in a […]
An ongoing phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA). The emails, per the agency, are sent using compromised accounts and come with a ZIP archive that, in reality, is a polyglot file […]
A Russia-linked threat actor has been observed deploying a new information-stealing malware in cyber attacks targeting Ukraine. Dubbed Graphiron by Broadcom-owned Symantec, the malware is the handiwork of an espionage group known as Nodaria, which is tracked by the Computer Emergency Response Team of Ukraine (CERT-UA) as UAC-0056. “The malware is written in Go and […]
A Russian national on February 7, 2023, pleaded guilty in the U.S. to money laundering charges and for attempting to conceal the source of funds obtained in connection with Ryuk ransomware attacks. Denis Mihaqlovic Dubnikov, 30, was arrested in Amsterdam in November 2021 before he was extradited from the Netherlands in August 2022. He is […]
The State Cyber Protection Centre (SCPC) of Ukraine has called out the Russian state-sponsored threat actor known as Gamaredon for its targeted cyber attacks on public authorities and critical information infrastructure in the country. The advanced persistent threat, also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, and UAC-0010, has a track […]
The Russia-linked APT29 nation-state actor has been found leveraging a “lesser-known” Windows feature called Credential Roaming as part of its attack against an unnamed European diplomatic entity. “The diplomatic-centric targeting is consistent with Russian strategic priorities as well as historic APT29 targeting,” Mandiant researcher Thibault Van Geluwe de Berlaere said in a technical write-up. APT29, […]
The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of a new set of spear-phishing attacks exploiting the “Follina” flaw in the Windows operating system to deploy password-stealing malware. Attributing the intrusions to a Russian nation-state group tracked as APT28 (aka Fancy Bear or Sofacy), the agency said the attacks commence with a lure […]
An unknown advanced persistent threat (APT) group has been linked to a series of spear-phishing attacks targeting Russian government entities since the onset of the Russo-Ukrainian war in late February 2022. “The campaigns […] are designed to implant a Remote Access Trojan (RAT) that can be used to surveil the computers it infects, and run […]
Yaroslav Vasinskyi, a Ukrainian national, linked to the Russia-based REvil ransomware group has been extradited to the U.S. to face charges for his role in carrying out the file-encrypting malware attacks against several companies, including Kaseya last July. The 22-year-old had been previously arrested in Poland in October 2021, prompting the U.S. Justice Department (DoJ) […]
In an unprecedented move, Russia’s Federal Security Service (FSB), the country’s principal security agency, on Friday disclosed that it arrested several members belonging to the notorious REvil ransomware gang and neutralized its operations. The surprise takedown, which it said was carried out at the request of the U.S. authorities, saw the law enforcement agency conduct […]
Ukraine’s premier law enforcement and counterintelligence agency on Thursday disclosed the real identities of five individuals allegedly involved in digital intrusions attributed to a cyber-espionage group named Gamaredon, linking the members to Russia’s Federal Security Service (FSB). Calling the hacker group “an FSB special project, which specifically targeted Ukraine,” the Security Service of Ukraine (SSU) […]
A Russian national, who was arrested in South Korea last month and extradited to the U.S. on October 20, appeared in a federal court in the state of Ohio on Thursday to face charges for his alleged role as a member of the infamous TrickBot group. “This is another success for the Department’s recently launched […]
A Russian hacker who was found guilty of hacking LinkedIn, Dropbox, and Formspring over eight years ago has finally been sentenced to 88 months in United States prison, that’s more than seven years by a federal court in San Francisco this week. Yevgeniy Aleksandrovich Nikulin, 32, of Moscow hacked into servers belonging to three American […]
Short Bytes: Roman Seleznev, a Russian hacker and son of Russian MP Valery Seleznev, has been sentenced to 27 years in credit card case. He was accused of hitting more than 3,700 businesses and causing more than $169 million in damages. US Attorney Annette Hayes called it a bad day for hackers, MP Valery Seleznev labelled it as […]
Roman Seleznev, the son of the prominent Russian Parliament member Valery Seleznev was sentenced to 27 years in jail for hacking. The Russian hacker Roman Seleznev, aka Track2, was sentenced to 27 years in prison, he was convicted of causing $170 million in damage by hacking into point-of-sale systems. This sentence is the longest one ever imposed in […]
Spanish law enforcement arrested in Barcellona the Russian hacker Pyotr Levashov who is suspected of being involved in attacks on 2016 US Election. Spanish law enforcement arrested in Barcelona the Russian hacker and alleged spam kingpin Pyotr Levashov (36). The man is suspected of being involved in hacking attacks against entities linked to the 2016 US Presidential Election. […]
The US Department of Justice announced yesterday that Maxim Senakh, 41, of Velikii Novgorod, Russia, pleaded guilty for his role in the creation of the Ebury malware and for maintaining its infamous botnet. US authorities indicted Senakh in January 2015, and the law enforcement detained the hacker in Finland in August of the same year. […]
Russian Hackers Stealed info of Democratic party leaders Russian hacker referred to as “Guccifer a pair of.0” is behind the extremely controversial DNC 20,000 email leaks to Wikileaks. Hackers Stealed information of party leaders. now the hacker has uploaded associate degree surpass file that has personal contact info of Democratic law-makers Campaign Committee (DCCC) obtained […]
Russia has arrested 50 people accused of using malware to steal more than 1.7 bn roubles ($25m; £18m). The gang allegedly seeded websites with malware that gave them access to victims’ PCs and, from there, their bank accounts. Technical tricks used by the hackers made it hard for security software to spot the malicious code once […]