Getty Pictures
Russian hackers have conducted numerous phishing strategies targeting end users of one particular of Ukraine’s most well-liked on line news vendors.
Which is in accordance to Google’s Risk Investigation Group (TAG), which has attributed the attacks to the Russia-backed APT28 gang, also known as FancyBear and Strontium.

Protect your privacy by Mullvad VPN. Mullvad VPN is one of the famous brands in the security and privacy world. With Mullvad VPN you will not even be asked for your email address. No log policy, no data from you will be saved. Get your license key now from the official distributor of Mullvad with discount: SerialCart® (Limited Offer).
➤ Get Mullvad VPN with 12% Discount
The phishing email messages experienced been sent from a large variety of compromised non-Google accounts, and involved inbound links to newly-produced, attacker-managed Blogspot domains, which redirected targets to credential phishing webpages with the next domains:
- id-unconfirmeduser[.]frge[.]io
- hatdfg-rhgreh684[.]frge[.]io
- ua-consumerpanel[.]frge[.]io
- Consumerspanel[.]frge[.]io
The Blogspot domains have since been taken down, Google declared on Monday. The credential phishing pages are flagged as “dangerous” on the Google Chrome browser, as portion of Google’s Secure Searching support. Released in 2007, the assistance identifies unsafe internet websites throughout the web and notifies consumers and site proprietors of likely hurt with an attention-grabbing, pink warning information.
FancyBear’s phishing campaign in opposition to Ukr.net is just a person of numerous attempts by Russian and Belarusan danger actors to goal Ukrainian organisations.
The TAG crew has also been tracking the notorious Belarusan hacking team acknowledged as Ghostwriter, which it has noticed launching phishing attacks versus the Ukrainian and Polish governments.
The tech big has also recorded recurring DDoS makes an attempt versus Ukraine’s Ministry of International Affairs, Ministry of Inner Affairs, as perfectly as companies like Liveuamap that are intended to assist individuals obtain data. This has prompted Google to expand the eligibility for its absolutely free DDoS protection instrument recognised as Task Protect, which sees Google soak up the inflow of “bad traffic” and hold the targeted website on the net.
Google reported that “over 150 web sites in Ukraine, which include numerous information organisations, are using the service” and encouraged “all suitable organisations to register for Challenge Shield”.
Eligibility is determined on a rolling basis, with Google accepting Google Account holders that deal with or individual a web site in the news, human legal rights and political sectors.
Some sections of this article are sourced from:
www.itpro.co.uk