Russian Hackers Use Western Networks to Attack Ukraine

December 6, 2022

Russian hackers are using their presence inside the networks of businesses in the UK, US and elsewhere to launch attacks on Ukraine, a new report from Lupovis has found.

The Scottish security company set up a series of decoys on the web to lure Russian threat actors so it could study their tactics, techniques and procedures (TTPs).

This included fake “honeyfile” documents leaked to cybercrime forums and crafted to contain what appeared to be critical usernames, passwords and other information.

Other decoys included insecurely configured web portals designed to mimic Ukrainian political and governmental sites, and “high conversation and ssh services.” The latter were configured to accept the fake credentials from the web portals.

The exercise highlighted just how primed and ready Russian threat actors are to seize on any sign of Ukrainian targets. Some 50–60 human actors interacted with just five decoys, with many of them reaching the honeypots within just a minute of them going live.

The duped hackers tried to carry out a wide range of attacks, ranging from reconnaissance of the lure information to attempts to conscript the decoys into DDoS botnets, and exploitation of SQL injection and other bugs.

More surprising was what Lupovis found next.
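The decoy design described above depends on tying each login at the SSH decoy back to the planted credential that was used. The following is an added example, not code from the article or from Lupovis: a Python sketch that matches constructed sshd-style log lines against honeytoken usernames and measures time to first contact. All usernames, file labels, timestamps and IP addresses are assumptions made up for illustration.

```python
import re
from datetime import datetime

# Constructed honeytokens: planted username -> decoy file it was seeded in (hypothetical).
HONEYTOKENS = {"svc_portal_admin": "honeyfile-A", "backup_operator": "honeyfile-B"}
GO_LIVE = datetime(2022, 11, 1, 12, 0, 0)  # constructed decoy go-live time

# Constructed sshd-style log lines using documentation IP ranges.
SAMPLE_LOG = """\
2022-11-01T12:00:41 decoy1 sshd[811]: Failed password for invalid user root from 198.51.100.7 port 40122 ssh2
2022-11-01T12:03:10 decoy1 sshd[815]: Accepted password for svc_portal_admin from 203.0.113.20 port 51514 ssh2
2022-11-01T12:09:55 decoy1 sshd[819]: Accepted password for backup_operator from 203.0.113.20 port 51990 ssh2
2022-11-01T13:30:02 decoy1 sshd[840]: Failed password for backup_operator from 192.0.2.44 port 33810 ssh2
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) \S+ sshd\[\d+\]: (?P<result>Accepted|Failed) password for "
    r"(?:invalid user )?(?P<user>\S+) from (?P<ip>\S+) port \d+"
)

def correlate(log_text, tokens=HONEYTOKENS, go_live=GO_LIVE):
    """Return (seconds from go-live to first login attempt, list of honeytoken hits)."""
    first_contact = None
    hits = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a password-auth line
        delay = (datetime.fromisoformat(m["ts"]) - go_live).total_seconds()
        if first_contact is None or delay < first_contact:
            first_contact = delay
        source = tokens.get(m["user"])
        if source:  # only planted usernames prove the decoy file was read
            hits.append({"ip": m["ip"], "user": m["user"], "source": source,
                         "accepted": m["result"] == "Accepted", "delay_s": delay})
    return first_contact, hits

if __name__ == "__main__":
    first, hits = correlate(SAMPLE_LOG)
    print(f"first contact {first:.0f}s after go-live")
    for h in hits:
        print(h)
```

Because a planted username exists nowhere else, any hit is high-confidence evidence that the source address handled the leaked decoy file, which is what lets an operator separate targeted actors from background scanning.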

“The most about finding from our research is that Russian cyber-criminals have compromised the networks of multiple world companies, which include a Fortune 500 enterprise, around 15 healthcare organizations and a dam checking method,” the vendor explained.

“These companies have been primarily based in the UK, France, the US, Brazil and South Africa, and Russian criminals are rerouting through their networks to launch cyber-attacks on Ukraine, which successfully means they are using these corporations to carry out their soiled work.”

Lupovis hypothesized that the threat actors may be Russian cyber-criminals rather than state actors.

“Given that our exploration demonstrates over 15 healthcare organizations had been compromised by Russian criminals, this could propose the attackers are operating underneath the radar on their networks and utilizing their access to start attacks on other institutions,” it argued.

“Once they are discovered, they then start ransomware attacks on the health care organizations’ units or complete facts breaches. This would propose attackers are maximizing each and every resource in their arsenal to compromise an group in advance of shifting on to their up coming sufferer.”


Some parts of this article are sourced from:
www.infosecurity-journal.com
