Tag: russia
-
Leaked Black Basta Chat Logs Show Banality of Ransomware
‘He Is an Idiot,’ Dissatisfied Hacker Writes of Boss. Two hundred thousand internal chat messages from the Russian ransomware group Black Basta have been leaked online, supposedly in reprisal for the operation targeting Russian banks. The partial logs, spanning 13 months, detail negotiations with victims, ransoms paid, internal disagreements and more. First seen on govinfosecurity.com…
-
A huge trove of leaked Black Basta chat logs expose the ransomware gang’s key members and victims
A leaker allegedly published the leaked internal messages after the group allegedly targeted Russian banks First seen on techcrunch.com Jump to article: techcrunch.com/2025/02/21/a-huge-trove-of-leaked-black-basta-chat-logs-expose-the-ransomware-gangs-key-members-and-victims/
-
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife
A pro-Ukraine hacking group claimed that it was behind an attack on CarMoney, a Russian microfinance company with reported connections to Vladimir Putin’s ex-wife. First seen on therecord.media Jump to article: therecord.media/russia-carmoney-data-breach-ukrainian-cyber-alliance
-
German election targeted by Russian disinformation, security services warn
Germany’s security services warned on Friday that fake videos circulating online purporting to reveal ballot manipulation in the country’s upcoming federal elections were part of a Russian information operation. First seen on therecord.media Jump to article: therecord.media/german-election-targeted-by-russian-disinformation
-
DDoS-Angriff auf Banken in Italien
Italian websites targeted by alleged pro-Russian hackers First seen on reuters.com Jump to article: www.reuters.com/world/europe/alleged-pro-russian-hackers-hit-20-italian-websites-cybersecurity-agency-says-2025-02-17/
-
Russia-linked APTs target Signal messenger
Russia-linked threat actors exploit Signal ‘s >>linked devices
-
Russian Groups Target Signal Messenger in Spy Campaign
These sorts of attacks reveal growing adversary interest in secure messaging apps used by high-value targets for communication, Google says. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/russian-groups-target-signal-messenger-in-spy-campaign
-
Russia-aligned threat groups dupe Ukrainian targets via Signal
Google researchers say multiple Russian state threat groups have conducted remote phishing operations to target and compromise Signal accounts. First seen on cyberscoop.com Jump to article: cyberscoop.com/russia-threat-groups-target-ukraine-signal/
-
Russia-aligned hackers are targeting Signal users with device-linking QR codes
Swapping QR codes in group invites and artillery targeting are latest ploys. First seen on arstechnica.com Jump to article: arstechnica.com/information-technology/2025/02/russia-aligned-hackers-are-targeting-signal-users-with-device-linking-qr-codes/
-
Russian cyberespionage groups target Signal users with fake group invites
QR codes provide a means of phishing Signal users: These features now work by scanning QR codes that contain the cryptographic information needed to exchange keys between different devices in a group or to authorize a new device to an account. The QR codes are actually representations of special links that the Signal application knows…
-
Hackers Tricking Users Into Linking Devices to Steal Signal Messages
Is your Signal, WhatsApp, or Telegram account safe? Google warns of increasing attacks by Russian state-backed groups. Learn… First seen on hackread.com Jump to article: hackread.com/hackers-trick-users-link-device-steal-signal-messages/
-
Warning over privacy of encrypted messages as Russia targets Signal Messenger
Russia is using phishing attacks to compromise encrypted Signal Messenger services used by targets in the Ukraine. Experts warn that other encrypted app users are at risk First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366619473/Warning-over-privacy-of-encrypted-messages-as-Russia-targets-Signal-Messenger
-
Russian Hackers Target Signal Messenger Users to Steal Sensitive Data
Russian state-aligned threat actors have intensified their efforts to compromise Signal Messenger accounts, targeting individuals of strategic interest, according to the Google Threat Intelligence Group (GTIG). These campaigns, primarily linked to Russia’s ongoing military operations in Ukraine, aim to intercept sensitive communications from military personnel, politicians, journalists, and activists. The attackers are exploiting Signal’s >>linked…
-
Russian CryptoBytes Hackers Target Windows Machines with UxCryptor Ransomware
Tags: cyber, cybercrime, data-breach, group, hacker, malware, ransomware, russia, threat, tool, windowsThe SonicWall Capture Labs threat research team has identified continued activity from the Russian cybercriminal group CryptoBytes, which has been active since at least 2023. This financially motivated group is leveraging a ransomware strain named UxCryptor, which has gained notoriety for its reliance on leaked ransomware builders. These tools lower the technical barrier for malware…
-
Russian state hackers spy on Ukrainian military through Signal app
Russian state-backed hackers are increasingly targeting Signal messenger accounts, including those used by Ukrainian military personnel and government officials, in an effort to access sensitive information that could aid Moscow’s war effort, researchers warn. First seen on therecord.media Jump to article: therecord.media/russian-state-hackers-spy-on-ukraine-military-signal
-
A Signal Update Fends Off a Phishing Technique Used in Russian Espionage
Google warns that hackers tied to Russia are tricking Ukrainian soldiers with fake QR codes for Signal group invites that let spies steal their messages. Signal has pushed out new safeguards. First seen on wired.com Jump to article: www.wired.com/story/russia-signal-qr-code-phishing-attack/
-
Russian State Hackers Target Signal to Spy on Ukrainians
Google has warned that Russian state-backed hackers are targeting Signal to eavesdrop on persons of interest in Ukraine First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/russian-hackers-signal-spy/
-
How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying
Mandiant warns that multiple Russian APTs are abusing a nifty Signal Messenger feature to surreptitiously spy on encrypted conversations. The post How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/how-russian-hackers-are-exploiting-signals-linked-devices-for-real-time-spying/
-
Trojanized Game Installers Deploy Cryptocurrency Miner in Large-Scale StaryDobry Attack
Users who are on the lookout for popular games were lured into downloading trojanized installers that led to the deployment of a cryptocurrency miner on compromised Windows hosts.The large-scale activity has been codenamed StaryDobry by Russian cybersecurity company Kaspersky, which first detected it on December 31, 2024. It lasted for a month.Targets of the campaign…
-
Russian Government Proposes Stricter Penalties to Tackle Cybercrime
Tags: cyber, cybercrime, cybersecurity, framework, government, hacker, infrastructure, law, russia, threatThe Russian government has unveiled sweeping legislative reforms aimed at curbing cybercrime, introducing stricter penalties, expansive law enforcement powers, and novel judicial measures. Approved on February 10, 2025, the amendments seek to modernize the nation’s cybersecurity framework amid rising digital threats, targeting hackers, fraudsters, and infrastructure attackers with harsher punishments and strengthened investigative tools. The…
-
New pro-Russian DDoS attacks target Italian websites
First seen on scworld.com Jump to article: www.scworld.com/brief/new-pro-russian-ddos-attacks-target-italian-websites
-
‘Hybrid’ description downplays Russian intrusions, Estonian official says
Tags: russiaFirst seen on scworld.com Jump to article: www.scworld.com/brief/hybrid-description-downplays-russian-intrusions-estonian-official-says
-
Phishing campaign targets Microsoft device-code authentication flows
Russian state-sponsored hackers have attacked enterprises and government agencies in North America and overseas. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/phishing-campaign-targets-microsoft-device-code-authentication-flows/740201/
-
Threat Actors Trojanize Popular Games to Evade Security and Infect Systems
A sophisticated malware campaign was launched by cybercriminals, targeting users through trojanized versions of popular games. Exploiting the holiday season’s heightened torrent activity, the attackers distributed compromised game installers via torrent trackers. The campaign, which lasted for a month, primarily delivered the XMRig cryptominer to unsuspecting users in Russia, Brazil, Germany, Belarus, and Kazakhstan. Popular…
-
Is Russia Reining In Ransomware-Wielding Criminals?
Flurry of Arrests a Potential Prelude to Russia-Ukraine Peace Negotiations Even before Donald Trump took office on Jan. 20, there were signs that Russian President Vladimir Putin ordered cybercriminals operating inside his country’s borders to be reined in, potentially as a bargaining chip in negotiations over Russia’s stalemated war of conquest against Ukraine. First seen…
-
Storm-2372: Russian-Linked Hackers Exploit Device Code Phishing in Global Campaign
Microsoft Threat Intelligence has uncovered an active and ongoing phishing campaign conducted by the threat actor Storm-2372, a First seen on securityonline.info Jump to article: securityonline.info/storm-2372-russian-linked-hackers-exploit-device-code-phishing-in-global-campaign/