Tag: ukraine
-
The Hidden War Above: How GPS Jamming Exposes Our Digital Vulnerabilities
Every day, thousands of flights cross the skies above the Baltic Sea. Pilots expect their GPS systems to guide them safely through busy air corridors, just as they have for decades. But since Russia’s invasion of Ukraine in 2022, something has changed. Navigation screens flicker with false readings. Aircraft suddenly lose their bearings. Pilots find..…
-
Ukrainian Fugitive Added to EU Most Wanted List for LockerGoga Ransomware
Ukrainian fugitive Volodymyr Tymoshchuk, linked to LockerGoga ransomware, has been added to the EU Most Wanted list as global authorities pursue him. First seen on hackread.com Jump to article: hackread.com/lockergoga-ransomware-eu-most-wanted-list-doj-reward/
-
Ukraine claims cyberattacks on Russian election systems; Moscow confirms disruptions
Ukraine said it was responsible for disrupting websites related to Russian election infrastructure as voters went to the polls in occupied territories. First seen on therecord.media Jump to article: therecord.media/ukraine-claims-ddos-attack-russian-election-system
-
New Zealand sanctions Russian military hackers over cyberattacks on Ukraine
New Zealand has imposed sanctions on Russian military intelligence hackers accused of cyberattacks on Ukraine, including members of a notorious hacking unit previously tied to destructive malware campaigns. First seen on therecord.media Jump to article: therecord.media/new-zealand-russia-gru-ukraine
-
Pro-Russian Hackers Target Critical Industries Across the Globe
In 2024, as the Russia-Ukraine war prolongs and military and economic cooperation between North Korea and Russia deepens, cyberspace has emerged as a central battleground for international conflict. Russia is increasingly using cyber-attacks as a strategic tool to alleviate economic pressure from international sanctions and to bolster its war capabilities. This shift has led to…
-
Ukrainian Ransomware Fugitive Added to Europe’s Most Wanted
US offers $11m as LockerGoga ransomware suspect becomes one of Europe’s most wanted men First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ukrainian-ransomware-fugitive/
-
Key Operators of LockerGoga, MegaCortex, and Nefilim Ransomware Gangs Arrested
The U.S. District Court for the Eastern District of New York has charged Volodymyr Viktorovich Tymoshchuk, a Ukrainian national known as deadforz, Boba, msfv, and farnetwork, for his role in administering LockerGoga, MegaCortex, and Nefilim ransomware operations. The indictment alleges that Tymoshchuk managed attacks against more than 250 companies in the U.S. and hundreds of…
-
US charges suspected ransomware kingpin, and offers $10 million bounty for his capture
A US federal court has unssealed charges against a Ukrainian national who authorities allege was a key figure behind several strains of ransomware, including LockerGoga, MegaCortex, and Nefilim. First seen on fortra.com Jump to article: www.fortra.com/blog/us-charges-suspected-ransomware-kingpin-offers-10-million-bounty
-
Ukraine’s ousted cyber chief posts bail in corruption case
Under the bail conditions, Illia Vitiuk must appear when summoned, report any change of residence, avoid contact with certain individuals and surrender his foreign passports to investigators. First seen on therecord.media Jump to article: therecord.media/vitiuk-bail-anti-corruption-case
-
Uncle Sam indicts alleged ransomware kingpin tied to $18B in damages
Prosecutors claim Ukrainian ran LockerGoga, MegaCortex, and Nefilim ops $11M bounty on his head First seen on theregister.com Jump to article: www.theregister.com/2025/09/10/us_nefilim_ransomware_indictment/
-
U.S. indicts Ukrainian national for hundreds of ransomware attacks using multiple variants
The Department of Justice unsealed an indictment against a Ukrainian national alleged to be central to a ransomware campaign affecting hundreds of companies worldwide. Volodymyr Viktorovych Tymoshchuk, known online as “deadforz,” “Boba,” “msfv,” and “farnetwork,” is accused of developing and deploying ransomware variants Nefilim, LockerGoga, and MegaCortex, all of which have been used in attacks…
-
US Feds Indict Lockergoga and Megacortex Ransomware Hacker
State Department Offers Up to $10M for Tips on Volodymyr Tymoshchuk. A hacker who federal prosecutors say was behind the LockerGoga and MegaCortex ransomware strains faces a seven count criminal indictment in U.S. federal court, prosecutors said Tuesday. Ukrainian national Volodymyr Tymoshchuk, 28, was administrator of the two ransomware operations, prosecutors say. First seen on…
-
Ukrainian national charged with helping run LockerGoga, MegaCortex and Nefilim ransomware
Volodymyr Tymoshchuk, currently a fugitive, was an administrator for multiple ransomware strains, including LockerGoga, said U.S. prosecutors in unsealing an indictment against the Ukrainian national. First seen on therecord.media Jump to article: therecord.media/lockergoga-megacortex-nefilim-ransomware-ukrainian-indictment-unsealed
-
US charges admin of LockerGoga, MegaCortex, Nefilim ransomware
The U.S. Department of Justice has charged Ukrainian national Volodymyr Viktorovich Tymoshchuk for his role as the administrator of the LockerGoga, MegaCortex, and Nefilim ransomware operations. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/us-charges-admin-of-lockergoga-megacortex-nefilim-ransomware/
-
Germany charges hacker with Rosneft cyberattack in latest wake-up call for critical infrastructure
A 30″‘year”‘old man has been charged with launching a cyberattack on the German subsidiary of Russia’s state-owned oil giant Rosneft. The cyberattack, which happened in March 2022 in the aftermath of Russia’s invasion of Ukraine, crippled the company’s operations and cost millions of euros in damages. First seen on exponential-e.com Jump to article: www.exponential-e.com/blog/germany-charges-hacker-with-rosneft-cyberattack-in-latest-wake-up-call-for-critical-infrastructure
-
Ukraine’s cyber chief on Russian hackers’ shifting tactics, US cyber aid
A former information security professor with more than 25 years in the Ukrainian armed forces, Oleksandr Potii is blunt about Moscow’s capabilities: “We see that Russia’s technical level is high and its potential is strong. We cannot underestimate them.” First seen on therecord.media Jump to article: therecord.media/ukraine-cyber-chief-on-russia-hacks-us-aid
-
Corruption case against ousted cyber chief is ‘revenge,’ Ukraine’s security service says
Ukraine’s security service is accusing the country’s anti-corruption agencies of seeking “revenge” by bringing charges against Illia Vitiuk, the former head of the agency’s cybersecurity unit. First seen on therecord.media Jump to article: therecord.media/corruption-case-against-ousted-cyber
-
Ukrainian Network FDN3 Launches Massive Brute-Force Attacks on SSL VPN and RDP Devices
Cybersecurity researchers have flagged a Ukrainian IP network for engaging in massive brute-force and password spraying campaigns targeting SSL VPN and RDP devices between June and July 2025.The activity originated from a Ukraine-based autonomous system FDN3 (AS211736), per French cybersecurity company Intrinsec.”We believe with a high level of confidence that FDN3 is part of a…
-
Ukrainian Hackers Ramp Up Brute-Force and Password-Spraying Attacks on VPN and RDP Systems
In mid-2025, a coalition of Ukraine-based autonomous systems orchestrated unprecedented brute-force and password-spraying campaigns against exposed SSL VPN and Remote Desktop Protocol (RDP) services, overwhelming security defenses and highlighting the growing sophistication of state-linked cyber-infrastructure. Over a concentrated three-day period in July 2025, the network operated under AS211736 (“FDN3”), allocated to FOP Dmytro Nedilskyi, unleashed…
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, wormsrcset=”https://b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?quality=50&strip=all 892w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=223%2C300&quality=50&strip=all 223w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=768%2C1033&quality=50&strip=all 768w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=761%2C1024&quality=50&strip=all 761w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=518%2C697&quality=50&strip=all 518w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=125%2C168&quality=50&strip=all 125w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=62%2C84&quality=50&strip=all 62w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=357%2C480&quality=50&strip=all 357w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=268%2C360&quality=50&strip=all 268w, b2b-contenthub.com/wp-content/uploads/2025/08/Patricia-Alonso.png?resize=186%2C250&quality=50&strip=all 186w” width=”761″ height=”1024″ sizes=”auto, (max-width: 761px) 100vw, 761px”> Incibe. En la imagen, Patricia Alonso GarcÃa.”We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
Malicious PDFs in Play: UAC-0057 Leveraging Invitations to Trigger Shell Script Attacks
The Belarusian-affiliated threat actor UAC-0057, also known as UNC1151, FrostyNeighbor, or Ghostwriter, has been using weaponized archives that contain phony PDFs that are posing as official invitations and documents to target organizations in Poland and Ukraine in a sophisticated cyber espionage campaign. Since April 2025, these operations have utilized compressed archives, such as RAR and…
-
Russian investment platform confirms cyberattack by pro-Ukraine hackers
The Russian platform Investment Projects said it is working to restore its infrastructure following a cyberattack claimed by the pro-Ukraine group Cyber Anarchy Squad. First seen on therecord.media Jump to article: therecord.media/russia-cyberattack-investment-platform-ukraine
-
UAC-0099 Tactics, Techniques, Procedures and Attack Methods Revealed
Tags: attack, cyber, defense, email, espionage, government, malicious, military, phishing, powershell, spear-phishing, tactics, threat, ukraineUAC-0099, a persistent threat actor active since at least 2022, has conducted sophisticated cyber-espionage operations against Ukrainian government, military, and defense entities, evolving its toolkit across three major campaigns documented in CERT-UA alerts from June 2023, December 2024, and August 2025. Initially relying on the PowerShell-based LONEPAGE loader delivered via spear-phishing emails with malicious attachments…
-
Breach Roundup: Chinese Duo Held for Illegal AI Chip Exports
Also: Ukrainian Hackers Find Evidence of Russian Child Abduction. This week, a Chinese duo arrested in Los Angeles for illegal artificial intelligence chip exports back to China, France extradited an accused Nigerian hacker, Ukraine hacked Crimean servers, Florida prison email leak, Tea App clone exposed users’ IDs. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/breach-roundup-chinese-duo-held-for-illegal-ai-chip-exports-a-29148
-
CERT-UA warns of UAC-0099 phishing attacks targeting Ukraine’s defense sector
Ukraine’s CERT-UA warns of phishing attacks by UAC-0099 targeting defense sectors, using malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Ukraine’s CERT-UA warns of phishing attacks by threat actor UAC-0099 targeting government and defense sectors, delivering malware like MATCHBOIL and DRAGSTARE. The National Cyber Incident, Cyber Attack, and Cyber Threat Response Team CERT-UA investigated multiple attacks against…
-
UAC-0099 Hackers Weaponize HTA Files to Deploy MATCHBOIL Loader Malware
UAC-0099 is a threat actor organization that has been targeting state officials, defense forces, and defense-industrial firms in a series of sophisticated cyberattacks that Ukraine’s CERT-UA has been investigating. The attacks typically initiate with phishing emails from UKR.NET addresses, featuring subjects like >>court summons
-
Hacked Crimean servers reveal information about abducted children, Ukraine says
Ukraine’s military intelligence agency said it hacked into government servers in Russian-occupied Crimea that allegedly contained evidence of Russia’s forced deportation of Ukrainian children from occupied territories. First seen on therecord.media Jump to article: therecord.media/hacked-crimean-servers-abducted-children
-
Russia’s mobile internet shutdowns hit record high amid Ukrainian drone attacks
Russia shut down mobile internet services more than 2,000 times in July as authorities ramped up digital restrictions in the name of security. First seen on therecord.media Jump to article: therecord.media/russia-mobile-internet-shutdowns-record
-
LAMEHUG: First AI-Powered Malware Targets Organizations via Compromised Official Email Accounts
The Russian state-sponsored threat actor APT28, also known as Fancy Bear or Forest Blizzard, has deployed LameHug, the first publicly documented malware leveraging large language models (LLMs) for automated command generation and execution. According to a recent CERT-UA report, this campaign targeted Ukraine’s security and defense sectors earlier this month, initiating with spearphishing emails dispatched…
-
Pro-Ukraine hacktivists claim cyberattack on Russian Airline Aeroflot that caused the cancellation of +100 flights
A cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled Aeroflot ‘s systems, canceling over 100 flights. On July 28, 2025, a cyberattack claimed by Ukrainian group Silent Crow and Belarusian Cyber-Partisans crippled the systems of Russian state-owned carrier Aeroflot. Over 100 flights were cancelled following the attack, which also caused delays. The…