Tag: ukraine
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
Cyberattack on an oil and gas producer in Russia?
Ukrainian hackers wipe databases at Russia’s Gazprom in major cyberattack, intelligence source says First seen on kyivindependent.com Jump to article: kyivindependent.com/ukrainian-intel-hackers-hit-gazproms-network-infrastructure-sources-say-07-2025/
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows
.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed. CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Ukraine Pwns Russian Drone Maker, Gaskar is ‘Paralyzed’
All Your UAVs Are Belong to UKR: Ukrainian Cyber Alliance and Black Owl team up to hack manufacturer of Russian military drones, sources say. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/ukraine-hacks-russian-drone-maker-gaskar-richixbw/
-
UK sanctions Russian hackers, spies as US weighs its own punishments for Russia
The hackers were allegedly involved in operations against Ukraine and a Russian on U.K. soil, the latter with malware tied to U.S. 2016 election interference. First seen on cyberscoop.com Jump to article: cyberscoop.com/uk-sanctions-russian-hackers-spies-as-us-weighs-its-own-punishments-for-russia/
-
CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign
The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG. “An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in a Thursday advisory. The activity has been attributed…
-
New “LameHug” Malware Deploys AI-Generated Commands
Ukraine’s CERT-UA has identified a new AI-powered malware, dubbed “LameHug,” which executes commands on compromised Windows systems in cyber-attacks targeting the nation’s security and defense sector. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/new-lamehug-malware-deploys/
-
LameHug: first AI-Powered malware linked to Russia’s APT28
LameHug malware uses AI to create data-theft commands on infected Windows systems. Ukraine links it to the Russia-nexus APT28 group. Ukrainian CERT-UA warns of a new malware strain dubbed LameHug that uses a large language model (LLM) to generate commands to be executed on compromised Windows systems. Ukrainian experts attribute the malware to the Russia-linked…
-
Extradited Armenian Tied to Ryuk Ransomware Faces US Trial
FBI Accuses Ukrainian Man of Identifying Exploitable Flaws in Victims’ Networks. A 33-year-old Armenian man, Karen Vardanyan, accused of facilitating Ryuk ransomware attacks against numerous organizations, is due to stand trial in the U.S. in August. The FBI said the Ryuk operation earned at least $15 million in cryptocurrency ransom payments from victims. First seen…
-
Breach Roundup: Fashion House Louis Vuitton Confirms Breach
Also: CISA Warns of Unpatched Train Brake Vulnerability. This week: Louis Vuitton and Co-op confirm breaches, unpatched train brake flaw, Barclays fined £42M for financial crime failures, secret U.K. program relocated thousands of Afghans, ex-soldier pleads guilty to hacking, Ukrainian hackers claim hit on Russian drone supplier. First seen on govinfosecurity.com Jump to article:…
-
European cyber cops target NoName057(16) DDoS network
A Europol operation has succeeded in disrupting a pro-Russian hacktivist network accused of conducting DDoS cyber attacks on targets in Ukraine and Europe. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366627802/European-cyber-cops-target-NoName05716-DDoS-network
-
Armenian, Ukrainian nationals among Ryuk ransomware actors facing US hacking charges
Armenian national Karen Serobovich Vardanyan, 33, was extradited from Ukraine last month and now faces up to five years in prison for his role in Ryuk, prosecutors said on Wednesday. First seen on therecord.media Jump to article: therecord.media/ryuk-ransomware-actors-legal-action
-
Ukrainian Hackers Claim Cyberattack on Major Russian Drone Supplier
A Ukrainian woman who survived a catastrophic cluster munition attack in 2014 continues to navigate the complex aftermath of severe combat-related injuries, highlighting the long-term humanitarian consequences of explosive ordnance use in populated areas. Nelya Leonidova, 34 at the time of the incident, sustained life-threatening polytrauma when submunitions detonated near a recreational area in Zugres,…
-
Researchers Reveal How Hacktivist Groups Gain Attention and Choose Their Targets
Cybersecurity researchers at Graphika have unveiled comprehensive findings on the operational dynamics of hacktivist organizations, revealing sophisticated attention-seeking behaviors and strategic target selection methodologies. Through their ATLAS intelligence reporting platform, analysts have systematically monitored approximately 700 active and inactive hacktivist entities since 2022, encompassing state-sponsored personas, geopolitically aligned collectives supporting Russia and Ukraine, and regionally-focused…
-
Europol Disrupts NoName057(16) Hacktivist Group Linked to DDoS Attacks Against Ukraine
An international operation coordinated by Europol has disrupted the infrastructure of a pro-Russian hacktivist group known as NoName057(16) that has been linked to a string of distributed denial-of-service (DDoS) attacks against Ukraine and its allies. The actions have led to the dismantling of a major part of the group’s central server infrastructure and more than 100…
-
GitHub Abused to Spread Amadey, Lumma and Redline InfoStealers in Ukraine
Hackers abused fake GitHub accounts to spread Emmenhtal, Amadey, Lumma and Redline infoStealers in attacks linked to a phishing campaign targeting Ukraine in early 2025. First seen on hackread.com Jump to article: hackread.com/github-abused-amadey-lumma-redline-infostealers-ukraine/
-
MaaS operation using Emmenhtal and Amadey linked to threats against Ukrainian entities
Cisco Talos uncovered a stealthy Malware-as-a-Service (MaaS) operation that used fake GitHub accounts to distribute a variety of dangerous payloads and evade security defenses. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/maas-operation-using-emmenhtal-and-amadey-linked-to-threats-against-ukrainian-entities/
-
Investigators strike a blow against pro-Russian hackers
An international investigative operation has taken down the server network of the pro-Russian hacker group NoName057(16). German and international law enforcement agencies have taken joint action against the hacker group “NoName057(16)”. According to the Federal Criminal Police Office (BKA), a botnet consisting of servers distributed around the world, which was used for targeted digital overload attacks on websites, was shut down in the process. Such so-called distributed denial-of-service (DDoS) attacks…
-
Ukrainian hackers claim to have destroyed major Russian drone maker’s entire network
‘Deeply penetrated’ Gaskar ‘to the very tonsils of demilitarization’ First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/ukrainian_drone_attack/
-
Europol and co. dismantle Russian cybercriminal network NoName057(16)
Law enforcement agencies, with the help of Europol and other institutions, have dismantled the network of the Russian NoName057 cyber group. The perpetrators had targeted the IT infrastructure of Ukraine and of countries supporting it, including many EU member states. Operation Eastwood against NoName057(16) The international operation named Eastwood, … First seen on borncity.com Jump to article: www.borncity.com/blog/2025/07/16/europol-co-zerschlagen-russisches-cyberkriminellen-netzwerk-noname05716/
-
Operation Eastwood shutters 100+ servers used to DDoS websites supporting Ukraine
Two Russian suspects in cuffs, seven warrants out First seen on theregister.com Jump to article: www.theregister.com/2025/07/16/russian_hacktivist_bust/
-
International operation disrupts pro-Russian hacker group NoName057(16)
European and U.S. law enforcement have disrupted the operations of a pro-Russian hacker group known for launching distributed denial-of-service attacks against Ukraine and its allies. First seen on therecord.media Jump to article: therecord.media/international-police-takedown-noname-hacker
-
Ukraine-aligned hackers claim cyberattack on major Russian drone supplier
Ukraine’s military intelligence agency confirmed that it participated with two volunteer hacking groups in an operation against Gaskar Group, a Russian drone company. First seen on therecord.media Jump to article: therecord.media/ukraine-hackers-claim-attack-russia-gaskar-group-drone-maker
-
Ukrainian hackers claim to have destroyed servers of Russian drone maker
A coalition of Ukrainian hackers breached and wiped systems belonging to Gaskar Group, a Moscow-based drone maker. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/15/ukrainian-hackers-claim-to-have-destroyed-servers-of-russian-drone-maker/
-
Over Ukraine support: pro-Russian hackers increasingly attack German targets
The pro-Russian cyber gang NoName057(16) is taking Friedrich Merz's statements on support for Ukraine personally and is once again hurling data packets around. First seen on golem.de Jump to article: www.golem.de/news/wegen-ukraine-support-prorussische-hacker-attackieren-vermehrt-deutsche-ziele-2507-198065.html
-
Looking Tough: Russia Trumpets Pro-Ukraine Hacker Arrests
Officials Look for Positive PR Stories as Putin’s War Drags On. Russian authorities regularly trumpet the arrest and sentencing of citizens who offer hacking support to Ukrainian forces. Experts say the extent to which official crime reports can be trusted remains unclear, especially as officials need to look tough on the Ukrainian threat. First seen…
-
Cyberattack deals blow to Russian firmware used to repurpose civilian drones for Ukraine war
The developers behind a custom firmware used to convert consumer drones for military use in Ukraine have reported a cyberattack disrupting the system that distributes the software. First seen on therecord.media Jump to article: therecord.media/cyberattack-russia-firmware-blow-hackers
-
Russia’s St. Petersburg hit by major internet outage amid drone strike warnings
The outages in Russia’s second largest city are the latest in a series of shutdowns that may be linked to the Kremlin’s efforts to protect critical infrastructure from Ukrainian drone attacks. First seen on therecord.media Jump to article: therecord.media/russia-saint-petersburg-outage-drones
-
Supported Ukraine: hacker from Russia sentenced to 16 years in prison
The convicted man is said to have attacked Russian targets together with cyber troops of Ukraine's intelligence service. He must now go to a penal colony. First seen on golem.de Jump to article: www.golem.de/news/cyberangriffe-auf-russland-pro-ukrainischer-hacker-zu-16-jahren-haft-verurteilt-2507-197770.html

