Tag: ukraine
-
After Flight Cancellations, Hackers and Kremlin Speak of an Attack
The Kremlin speaks of alarming news. In Moscow, dozens of flights have been cancelled following a suspected attack by pro-Ukrainian hacker groups. The Russian state airline Aeroflot initially spoke of about 60 cancelled flights at Sheremetyevo Airport and cited a disruption in its IT systems as the reason. The company's experts were working to restore the operation of the servers in order to…
-
Pro-Ukraine Hacktivists Ground Dozens of Aeroflot Flights
Two pro-Ukraine hacktivists have claimed responsibility for a destructive attack on Aeroflot. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ukraine-hacktivists-dozens/
-
Cyberattack on a Russian State Airline
Pro-Ukrainian hackers claim massive cyberattack on Russia’s Aeroflot. First seen on reuters.com Jump to article: www.reuters.com/en/pro-ukrainian-hackers-claim-massive-cyberattack-russias-aeroflot-2025-07-28/
-
Aeroflot Hit by Year-Long Cyber Operation That Allegedly Wiped 7,000 Servers
Russia’s flagship carrier Aeroflot is reeling from a devastating cyberattack that pro-Ukraine hacking groups claim wiped approximately 7,000 servers and stole over 20 terabytes of sensitive data during a year-long clandestine operation. The airline was forced to cancel dozens of flights Monday morning, leaving passengers stranded at Moscow’s Sheremetyevo Airport amid what officials described as…
-
Pro-Ukrainian hackers take credit for attack that snarls Russian flight travel
State-owned Aeroflot cancels dozens of flights, stranding travelers throughout Russia. First seen on arstechnica.com Jump to article: arstechnica.com/security/2025/07/pro-ukrainian-hackers-take-credit-for-attack-that-snarls-russian-flight-travel/
-
Russia’s Flag Carrier Cancels Flights After Hack Attack
Aeroflot Hit With Wiper Malware, Claim Pro-Ukrainian Hackers From Belarus. Russia’s largest airline, Aeroflot, canceled dozens of flights on Monday and delayed more due to an IT disruption. Two pro-Ukrainian hacking groups from Belarus claimed to have stolen extensive customer data before wiping 7,000 physical and virtual servers used by the airline. First seen…
-
Inside Laundry Bear: Unveiling Infrastructure, Tactics, and Procedures
Dutch intelligence agencies AIVD and MIVD, alongside Microsoft Threat Intelligence, have identified Laundry Bear, also tracked as Void Blizzard, as a sophisticated Russian state-sponsored advanced persistent threat (APT) group active since at least April 2024. This actor has focused on espionage operations against NATO countries, Ukraine, and various organizations including the Dutch police, a Ukrainian…
-
Russian-Aligned Hive0156 Escalates Remcos RAT Attacks on Ukrainian Government Military
The post Russian-Aligned Hive0156 Escalates Remcos RAT Attacks on Ukrainian Government Military appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/russian-aligned-hive0156-escalates-remcos-rat-attacks-on-ukrainian-government-military/
-
Suspected Operator of Major Cybercrime Forum Caught
The suspected operator of a major cybercrime platform has been arrested. The suspected operator of a major Russian-language cybercrime platform has been arrested in Ukraine. The forum had been active since 2013 and was one of the central hubs for cybercrime worldwide, said the Paris public prosecutor's office, which has been investigating the platform for years. The suspect reportedly…
-
Key Operator of World’s Largest XSS Dark Web Platform Detained
International law enforcement agencies have dismantled one of the world’s most influential Russian-speaking cybercrime platforms following the arrest of its suspected administrator in a coordinated operation spanning France, Ukraine, and broader European cooperation. The takedown of xss.is represents a significant blow to global cybercriminal networks that have operated with relative impunity on the dark web…
-
Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum
Officials accuse the unnamed suspect of running XSS.is, a key and long-running marketplace with more than 50,000 registered users. The suspect allegedly made more than $8.2 million. First seen on cyberscoop.com Jump to article: cyberscoop.com/xss-cybercrime-forum-admin-arrest/
-
XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine
XSS.IS has been seized after its admin was arrested in Ukraine, however its dark web and mirror domains only show a 504 Gateway Timeout error. First seen on hackread.com Jump to article: hackread.com/xss-is-cybercrime-forum-seized-ukraine-arrested-admin/
-
Suspected Admin of XSS.IS Cybercrime Forum Arrested in Ukraine
Suspected admin of XSS.IS, a major Russian-language cybercrime forum, arrested in Ukraine after years of running malware and data trade operations. First seen on hackread.com Jump to article: hackread.com/suspected-xss-is-admin-cybercrime-forum-arrest-ukraine/
-
French Authorities confirm XSS.is admin arrested in Ukraine
French authorities announced the arrest in Ukraine of an alleged administrator of the long-running cybercrime forum XSS.is. A joint investigation conducted by French police, Ukrainian authorities, and Europol led to the arrest of the suspected administrator of the major Russian-speaking cybercrime forum xss.is. “The Paris prosecutor’s office announced on Wednesday, July 23, that an individual…
-
Mastermind behind Russian-speaking cybercrime hub arrested in Ukraine
The suspected administrator of xss.is, one of the world’s most influential Russian-speaking cybercrime forums, was arrested in Kyiv, Ukraine, on 22 July. The takedown followed … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/23/europol-cybercrime-operation-xss-is-admin-arrest/
-
Ukraine arrests suspected admin of XSS Russian hacking forum
The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor’s office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraine-arrests-suspected-admin-of-xss-russian-hacking-forum/
-
Suspected XSS Forum Admin Arrested in Ukraine
The individual is accused of numerous illicit cybercrime and ransomware activities that have generated at least $7m in profit. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/suspected-xss-forum-admin-arrested/
-
Suspected admin of major dark web cybercrime forum arrested in Ukraine
French law enforcement said the alleged administrator of the long-running cybercrime forum XSS, formerly known as DaMaGeLab, was arrested in Ukraine. First seen on therecord.media Jump to article: therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
The Authentic Antics malware tool used to target Microsoft cloud accounts was the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said. Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
Cyberattack on an Oil and Gas Producer in Russia?
Ukrainian hackers wipe databases at Russia’s Gazprom in major cyberattack, intelligence source says. First seen on kyivindependent.com Jump to article: kyivindependent.com/ukrainian-intel-hackers-hit-gazproms-network-infrastructure-sources-say-07-2025/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
….pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/ukraine-hacks-russian-drone-maker-gaskar-richixbw/
-
UK sanctions Russian hackers, spies as US weighs its own punishments for Russia
The hackers were allegedly involved in operations against Ukraine and a Russian on U.K. soil, the latter with malware tied to U.S. 2016 election interference. First seen on cyberscoop.com Jump to article: cyberscoop.com/uk-sanctions-russian-hackers-spies-as-us-weighs-its-own-punishments-for-russia/
-
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG. “An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in a Thursday advisory. The activity has been attributed…
-
New “LameHug” Malware Deploys AI-Generated Commands
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-lamehug-malware-deploys/
-
LameHug: first AI-Powered malware linked to Russia’s APT28
LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group. Ukrainian CERT-UA warns of a new malware strain dubbed LameHug that uses a large language model (LLM) to generate commands to be executed on compromised Windows systems. Ukrainian experts attribute the malware to the Russia-linked…
-
Extradited Armenian Tied to Ryuk Ransomware Faces US Trial
FBI Accuses Ukrainian Man of Identifying Exploitable Flaws in Victims’ Networks. A 33-year-old Armenian man, Karen Vardanyan, accused of facilitating Ryuk ransomware attacks against numerous organizations, is due to stand trial in the U.S. in August. The FBI said the Ryuk operation earned at least $15 million in cryptocurrency ransom payments from victims. First seen…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…

