Tag: ukraine
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
‘Living off the land’ allowed Russia-linked group to breach Ukrainian entities this summer
In two separate incidents this summer, hackers appearing to work from Russia used available assets to steal data from a large Ukrainian business services company and a local government agency, researchers say. First seen on therecord.media Jump to article: therecord.media/russia-linked-breaches-ukraine-living-off-the-land
-
Chatbots parrot Putin’s propaganda about the illegal invasion of Ukraine
Tags: ukraineFake views from Moscow’s pet media outlets appear in about one in five responses First seen on theregister.com Jump to article: www.theregister.com/2025/10/28/chatbots_still_parrot_russian_state/
-
Chatbots Are Pushing Sanctioned Russian Propaganda
ChatGPT, Gemini, DeepSeek, and Grok are serving users propaganda from Russian-backed media when asked about the invasion of Ukraine, new research finds. First seen on wired.com Jump to article: www.wired.com/story/chatbots-are-pushing-sanctioned-russian-propaganda/
-
Blitz Spear Phishing Campaign Targets NGOs Supporting Ukraine
A spear phishing campaign dubbed PhantomCaptcha targeted Ukraine’s war relief efforts and regional government administrations for a single day in October First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/blitz-spear-phishing-ngos-ukraine/
-
PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT
The post PhantomCaptcha Spyware Targets Ukraine NGOs with Fake Cloudflare Lure to Deploy WebSocket RAT appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/phantomcaptcha-spyware-targets-ukraine-ngos-with-fake-cloudflare-lure-to-deploy-websocket-rat/
-
PhantomCaptcha RAT Attack Targets Aid Groups Supporting Ukraine
SentinelLABS’ research reveals PhantomCaptcha, a highly coordinated, one-day cyber operation on Oct 8, 2025, targeting the International Red Cross, UNICEF, and Ukraine government groups using fake emails and a Remote Access Trojan (RAT) linked to Russian infrastructure. First seen on hackread.com Jump to article: hackread.com/phantomcaptcha-rat-attack-targets-ukraine/
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
PhantomCaptcha RAT Uses Weaponized PDFs and “ClickFix” Cloudflare CAPTCHA Pages to Deliver Malware
A sophisticated spearphishing campaign has targeted humanitarian organizations working on Ukrainian war relief efforts, employing weaponized PDFs and fake Cloudflare captcha pages to deploy a custom remote access trojan. The PhantomCaptcha campaign, launched on October 8th, 2025, specifically targeted individual members of the International Committee of the Red Cross, United Nations Children’s Fund (UNICEF) Ukraine…
-
PhantomCaptcha targets Ukraine relief groups with WebSocket RAT in October 2025
PhantomCaptcha phishing campaign hit Ukraine relief groups with a WebSocket RAT on Oct 8, 2025, targeting Red Cross, UNICEF, and others. SentinelOne researchers uncovered PhantomCaptcha, a coordinated spear-phishing campaign on October 8, 2025, targeting Ukraine war relief groups, including Red Cross, UNICEF, NRC, and local administrations. Threat actors used fake emails to deploy a WebSocket-based…
-
Ukraine Aid Groups Targeted Through Fake Zoom Meetings and Weaponized PDF Files
Cybersecurity researchers have disclosed details of a coordinated spear-phishing campaign dubbed PhantomCaptcha targeting organizations associated with Ukraine’s war relief efforts to deliver a remote access trojan that uses a WebSocket for command-and-control (C2).The activity, which took place on October 8, 2025, targeted individual members of the International Red Cross, Norwegian Refugee First seen on thehackernews.com…
-
PhantomCaptcha Campaign Targets Ukraine Relief Organizations
SentinelLABS Researchers have uncovered a new phishing campaign, PhantomCaptcha, targeting aid organizations supporting Ukraine First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/phantomcaptcha-campaign-targets/
-
PhantomCaptcha ClickFix attack targets Ukraine war relief orgs
A spearphishing attack that lasted a single day targeted members of the Ukrainian regional government administration and organizations critical for the war relief effort in Ukraine, including the International Committee of the Red Cross, UNICEF, and various NGOs. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phantomcaptcha-clickfix-attack-targets-ukraine-war-relief-orgs/
-
‘PhantomCaptcha’ hackers impersonate Ukrainian president’s office in attack on war relief workers
A spearphishing campaign earlier in October disappeared within a day, according to cybersecurity researchers, but it was aimed at a wide variety of targets associated with the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/phantomcaptcha-spearphishing-campaign-ukraine-war-relief-groups
-
‘PhantomCaptcha’ hackers impersonate Ukrainian president’s office in attack on war relief workers
A spearphishing campaign earlier in October disappeared within a day, according to cybersecurity researchers, but it was aimed at a wide variety of targets associated with the war in Ukraine. First seen on therecord.media Jump to article: therecord.media/phantomcaptcha-spearphishing-campaign-ukraine-war-relief-groups
-
Russian Disinformation Followed Drone Incursion of Poland
Active Measures Teams Rapidly Springboarding From Current Events, Find Researchers. After Russian drones violated Polish airspace last month, multiple pro-Kremlin information operations teams sprang into action to advance pro-Moscow narratives that distorted the facts, as part of a hybrid operation designed to destabilize Poland, and NATO support for Ukraine, said experts. First seen on govinfosecurity.com…
-
APT28 Deploys BeardShell and Covenant Modules via Weaponized Office Documents
Security researchers at Sekoia.io have uncovered a sophisticated cyberattack campaign orchestrated by APT28, the notorious Russian state-sponsored threat actor, targeting Ukrainian military personnel with weaponized Office documents that deliver advanced malware frameworks including BeardShell and Covenant modules. The operation represents a significant evolution in APT28’s tactics, leveraging legitimate cloud infrastructure and novel obfuscation techniques to…
-
Deutschland größtes Hacker-Ziel in der EU
Tags: authentication, china, cyberattack, defense, extortion, germany, hacker, iran, login, mail, mfa, microsoft, north-korea, password, phishing, ransomware, software, ukraineLaut einer Studie von Microsoft richteten sich 3,3 Prozent aller Cyberangriffe weltweit im ersten Halbjahr 2025 gegen Ziele in Deutschland.Kein Land in der Europäischen Union steht so sehr im Fokus von kriminellen Hackern wie Deutschland. Das geht aus dem Microsoft Digital Defense Report 2025 hervor, den der Software-Konzern in Redmond veröffentlicht hat. Danach richteten sich…
-
Hacker attackieren Vergabeportal für öffentliche Aufträge
Prorussische Hacker haben die Internetseite des Deutschen Vergabeportals fast eine Woche lang lahmgelegt.Prorussische Hacker haben nach einem Bericht der Süddeutschen Zeitung (SZ) die Webseite des Deutschen Vergabeportals des Bundes in die Knie gezwungen. Durch die Cyberattacke war diese wichtige Schnittstelle zwischen Staat und Wirtschaft fast eine Woche lang nicht erreichbar. Am Dienstagnachmittag war das Portal…
-
Ukraine takes steps to launch dedicated cyber force for offensive strikes
Ukraine lawmakers are considering uniting the country’s offensive and defensive military cyber capabilities under a single command within the Armed Forces. First seen on therecord.media Jump to article: therecord.media/ukraine-takes-steps-dedicated-cyber-force
-
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors
Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
-
Ukraine sees surge in AI-Powered cyberattacks by Russia-linked Threat Actors
Russia-linked actors use AI to craft phishing and malware attacks against entities in Ukraine, says SSSCIP. Russian hackers increasingly use AI in cyberattacks against Ukraine, the country’s State Service for Special Communications and Information Protection (SSSCIP) reported. Beyond AI-generated phishing, some malware samples now show AI-generated code. In H1 2025, Ukraine recorded 3,018 cyber incidents,…
-
From Phishing to Malware: AI Becomes Russia’s New Cyber Weapon in War on Ukraine
Russian hackers’ adoption of artificial intelligence (AI) in cyber attacks against Ukraine has reached a new level in the first half of 2025 (H1 2025), the country’s State Service for Special Communications and Information Protection (SSSCIP) said.”Hackers now employ it not only to generate phishing messages, but some of the malware samples we have analyzed…
-
Russian hackers turn to AI as old tactics fail, Ukrainian CERT says
Russian hackers are now using AI not only to write phishing messages but also to generate malicious code itself. First seen on therecord.media Jump to article: therecord.media/russian-hackers-turn-to-ai-ukraine-cert
-
CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor
CERT-UA warns UAC-0245 targets Ukraine with CABINETRAT backdoor via malicious Excel XLL add-ins spotted in Sept 2025. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of cyberattacks by the group UAC-0245 using the CABINETRAT backdoor. The campaign, seen in September 2025, involved malicious Excel XLL add-ins posing as software tools (e.g. >>UBD Request.xllrecept_ruslana_nekitenko.xll
-
Ukrainian Defenders Report Rise in Russian Cyberattacks
Numerous Attacks Designed and Timed ‘to Amplify the Impact of Kinetic Strikes’. Russia in the first half of this year markedly increased the tempo of its cyberattacks targeting Ukraine, with defenders cataloging 3,000 cybersecurity incidents, largely targeting the military, government, local authorities and energy sector, often timed to amplify the impact of kinetic attacks. First…
-
Ukraine’s digital chief pushes for AI-first state amid war and cyber threats
Ukraine’s deputy prime minister is betting big on artificial intelligence’s ability to shape governance, education and even the battlefield. First seen on therecord.media Jump to article: therecord.media/ukraine-ai-state-digital
-
Ukrainian Cops Spoofed in Fileless Phishing Attacks on Kyiv
Attackers impersonate the National Police of Ukraine to deploy Amatera Stealer and PureMiner, using malicious Scalable Vector Graphics to trick victims. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/ukrainian-cops-spoofed-fileless-phishing-attacks-kyiv
-
SVG Files Abused to Deploy PureMiner Malware and Exfiltrate Data
Cybercriminals are exploiting SVG files as an initial attack vector in a multi-stage campaign designed to impersonate Ukrainian government communications. FortiGuard Labs has uncovered a sophisticated phishing campaign targeting Ukrainian government agencies through malicious Scalable Vector Graphics (SVG) files, ultimately deploying both cryptocurrency mining malware and information stealers to compromise victim systems. The attack begins…
-
Researchers Expose Phishing Threats Distributing CountLoader and PureRAT
A new campaign has been observed impersonating Ukrainian government agencies in phishing attacks to deliver CountLoader, which is then used to drop Amatera Stealer and PureMiner.”The phishing emails contain malicious Scalable Vector Graphics (SVG) files designed to trick recipients into opening harmful attachments,” Fortinet FortiGuard Labs researcher Yurren Wan said in a report shared with…