In recent weeks, Russian hackers well-known to law enforcement have been engaging in phishing campaigns, espionage and other attacks targetting Ukraine and its European allies, said Alphabet Inc’s Google. These hackers include FancyBear.
In a blog post on Monday, Google’s Threat Analysis Group, which focuses on disrupting computer hackers and issuing warnings about them to users, said that for the last two weeks, Russian hacking unit FancyBear, which is also known as APT28, has been sending phishing emails to Ukrainian media company, UkrNet.
Russia has denied that it uses hackers to attack its foes. The phishing messages look to steal account login information from users to breach a target’s computers and online accounts.
Google did not say whether the attacks were successful.
Ghostwriter/UNC1151, which has been described as a Belarusian threat actor by Google, has been trying to steal account credentials through phishing attempts on Polish and Ukrainian government and military organisations.
Also Read: US, allies plan ways to help establish, support a Ukrainian government-in-exile
Mustang Panda or Temp.Hex, which Google described as China-based, has been sending virus-laden attachments to “European entities” with file names, such as “Situation at the EU borders with Ukraine.zip.”
The effort has been described by Google as a deviation from Mustang Panda’s standard focus on Southeast Asian targets.
(With inputs from agencies)
