The Cyber Security News

Ukrainian ethical hackers targeted by Russian malware attacks

March 11, 2022

Cyber criminals are preying on ethical hackers supporting the IT Army of Ukraine by deceiving them into downloading information-stealing malware.

Opportunistic cyber criminals are posing as genuine representatives of the IT Army of Ukraine and pretending to offer them applications to deliver distributed denial of service (DDoS) attacks that eventually turn out to be malware, according to researchers at Cisco Talos.

The IT Army of Ukraine is a group that mobilises through the Telegram platform and was originally assembled at the start of the conflict by a Ukrainian Minister to recruit as many supporters as possible to fight Russia in cyberspace.

The group currently has more than 300,000 members and posts daily ‘hit lists’ – lists of target .ru URLs for tech-savvy supporters of Ukraine to knock offline. Recent targets include Russian electronic signature services and importers of technology for the Russian army.

Criminals are targeting these ethical hackers using Telegram channels that appear similar to the real IT Army of Ukraine group, but are not authentic.

Screenshot of deceptive malware message in a Telegram group (image credit: Cisco Talos)

Cisco Talos researchers saw instances of adverts for inauthentic versions of legitimate DDoS applications, such as the genuine Disbalancer Liberator tool, which when clicked infect the user’s system with information-stealing malware that harvests credentials and cryptocurrency information.

The information stealer gleans information from browsers such as Chrome and Firefox, and scans other locations on the file system for key information before relaying it back to a Russian IP address.

“This is an example of one of the many ways opportunistic cybercriminals are attempting to take advantage of the Russian invasion by exploiting sympathisers on both sides of the conflict,” the researchers said.

“Such activity could take the form of themed email lures on news topics or donation solicitations, malicious links purporting to host relief funds or refugee support sites, malware masquerading as security defensive or offensive tools, and more. Users must carefully inspect suspicious emails before opening them and validate software or other files prior to downloading them.”

Cisco Talos said evidence suggests the threat actors behind the campaign have been distributing infostealers since “at least November 2021” but have now pivoted to targeting hacktivists siding with Ukraine.

It also said it expects the information-stealing activity to continue and diversify as the global interest in the conflict generates a potentially large pool of targets for threat actors to prey on.


Some parts of this article are sourced from:
www.itpro.co.uk
