Tag: ukraine
-
Ukraine arrests suspected admin of XSS Russian hacking forum
The suspected administrator of the Russian-speaking hacking forum XSS.is was arrested by the Ukrainian authorities yesterday at the request of the Paris public prosecutor’s office. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ukraine-arrests-suspected-admin-of-xss-russian-hacking-forum/
-
Suspected XSS Forum Admin Arrested in Ukraine
The individual is accused of numerous illicit cybercrime and ransomware activities that have generated at least $7m in profit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/suspected-xss-forum-admin-arrested/
-
Suspected admin of major dark web cybercrime forum arrested in Ukraine
French law enforcement said the alleged administrator of the long-running cybercrime forum XSS, formerly known as DaMaGeLab, was arrested in Ukraine. First seen on therecord.media Jump to article: therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
-
Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum
Officials accuse the unnamed suspect of running XSS.is, a key and long-running marketplace with more than 50,000 registered users. The suspect allegedly made more than $8.2 million. First seen on cyberscoop.com Jump to article: cyberscoop.com/xss-cybercrime-forum-admin-arrest/
-
XSS.IS Cybercrime Forum Seized After Admin Arrested in Ukraine
XSS.IS has been seized after its admin was arrested in Ukraine, however its dark web and mirror domains only show a 504 Gateway Timeout error. First seen on hackread.com Jump to article: hackread.com/xss-is-cybercrime-forum-seized-ukraine-arrested-admin/
-
Suspected Admin of XSS.IS Cybercrime Forum Arrested in Ukraine
Suspected admin of XSS.IS, a major Russian-language cybercrime forum, arrested in Ukraine after years of running malware and data trade operations. First seen on hackread.com Jump to article: hackread.com/suspected-xss-is-admin-cybercrime-forum-arrest-ukraine/
-
UK blames Russia’s infamous ‘Fancy Bear’ group for Microsoft cloud hacks
Authentic Antics malware tool to target Microsoft cloud accounts were the handiwork of the notorious Russian Fancy Bear hacking group, the UK’s National Cyber Security Centre (NCSC) has said.Authentic Antics was discovered after a cyberattack in 2023 which prompted an NCSC technical teardown of the malware that it published in May this year. The agency…
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
Cyberangriff auf einen Öl- und Gasproduzent in Russland?
Ukrainian hackers wipe databases at Russia’s Gazprom in major cyberattack, intelligence source says First seen on kyivindependent.com Jump to article: kyivindependent.com/ukrainian-intel-hackers-hit-gazproms-network-infrastructure-sources-say-07-2025/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed.CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/ukraine-hacks-russian-drone-maker-gaskar-richixbw/
-
UK sanctions Russian hackers, spies as US weighs its own punishments for Russia
The hackers were allegedly involved in operations against Ukraine and a Russian on U.K. soil, the latter with malware tied to U.S. 2016 election interference. First seen on cyberscoop.com Jump to article: cyberscoop.com/uk-sanctions-russian-hackers-spies-as-us-weighs-its-own-punishments-for-russia/
-
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG.”An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in a Thursday advisory.The activity has been attributed…
-
New “LameHug” Malware Deploys AI-Generated Commands
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks, targeting the nation’s security and defense sector First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-lamehug-malware-deploys/
-
LameHug: first AI-Powered malware linked to Russia’s APT28
LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group. Ukrainian CERT-UA warns of a new malware strain dubbed LameHug that uses a large language model (LLM) to generate commands to be executed on compromised Windows systems. Ukrainian experts attribute the malware to the Russia-linked…
-
Extradited Armenian Tied to Ryuk Ransomware Faces US Trial
FBI Accuses Ukrainian Man of Identifying Exploitable Flaws in Victims’ Networks. A 33-year-old Armenian man, Karen Vardanyan, accused of facilitating Ryuk ransomware attacks against numerous organizations, is due to stand trial in the U.S. in August. The FBI said the Ryuk operation earned at least $15 million in cryptocurrency ransom payments from victims. First seen…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M pounds for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
European cyber cops target NoName057(16) DDoS network
A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627802/European-cyber-cops-target-NoName05716-DDoS-network
-
Armenian, Ukrainian nationals among Ryuk ransomware actors facing US hacking charges
Armenian national Karen Serobovich Vardanyan, 33, was extradited from Ukraine last month and now faces up to five years in prison for his role in Ryuk, prosecutors said on Wednesday. First seen on therecord.media Jump to article: therecord.media/ryuk-ransomware-actors-legal-action
-
Ukrainian Hackers Claim Cyberattack on Major Russian Drone Supplier
A Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at the time of the incident, sustained life-threatening polytrauma when submunitions detonated near a recreational area in Zugres,…
-
GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine
Hackers abused fake GitHub accounts to spread Emmenhtal, Amadey, Lumma and Redline infoStealers in attacks linked to a phishing campaign targeting Ukraine in early 2025. First seen on hackread.com Jump to article: hackread.com/github-abused-amadey-lumma-redline-infostealers-ukraine/
-
Researchers Reveal How Hacktivist Groups Gain Attention and Choose Their Targets
Cybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platform, analysts have systematically monitored approximately 700 active and inactive hacktivist entities since 2022, encompassing state-sponsored personas, geopolitically aligned collectives supporting Russia and Ukraine, and regionally-focused…
-
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies.The actions have led to the dismantling of a major part of the group’s central server infrastructure and more than 100…
-
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
-
Ermittlern gelingt Schlag gegen prorussische Hacker
Durch eine internationale Ermittlungsaktion wurde das Servernetz der prorussischen Hackergruppe NoName057(16) lahmgelegt.Deutsche und internationale Strafverfolgungsbehörden sind bei einer gemeinsamen Aktion gegen die Hackergruppe “NoName057(16)” vorgegangen. Nach Angaben des Bundeskriminalamts (BKA) wurde dabei ein aus weltweit verteilten Servern bestehendes Botnetz abgeschaltet, das für gezielte digitale Überlastungsangriffe auf Internetseiten eingesetzt wurde. Solche sogenannten Distributed Denial of Service (DDoS)-Angriffe…
-
Ukrainian hackers claim to have destroyed major Russian drone maker’s entire network
‘Deeply penetrated’ Gaskar ‘to the very tonsils of demilitarization’ First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/ukrainian_drone_attack/
-
Europol Co. zerschlagen russisches Cyberkriminellen Netzwerk NoName057(16)
Strafverfolger haben mit Hilfe von Europol und weiteren Institutionen das Netzwerk der russischen NoName057-Cybergruppe zerschlagen. Die Täter hatten es auf IT-Infrastruktur der Ukraine und unterstützende Länder, darunter viele EU-Mitgliedstaaten, abgesehen. Operation Eastwood gegen NoName057(16) Die internationale Operation mit dem Namen Eastwood, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/16/europol-co-zerschlagen-russisches-cyberkriminellen-netzwerk-noname05716/
-
Operation Eastwood shutters 100+ servers used to DDoS websites supporting Ukraine
Two Russian suspects in cuffs, seven warrants out First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/russian_hacktivist_bust/
-
International operation disrupts pro-Russian hacker group NoName057(16)
European and U.S. law enforcement have disrupted the operations of a pro-Russian hacker group known for launching distributed denial-of-service attacks against Ukraine and its allies. First seen on therecord.media Jump to article: therecord.media/international-police-takedown-noname-hacker
-
Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
Ukraine’s military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company. First seen on therecord.media Jump to article: therecord.media/ukraine-hackers-claim-attack-russia-gaskar-group-drone-maker