Russian

  • Blog

    Russian ISP confirms Ukrainian hackers “destroyed” its network

    Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them,” the Ukrainian hacktivists announced yesterday on…

  • Blog

    US sanctions Russian group over AI-generated election disinformation

    The US has issued sanctions on organizations in Russia and Iran for attempting to interfere with the 2024 presidential election. The Treasury Department said on Tuesday that the groups tried to “stoke socio-political tensions” and influence voters. One group, the Moscow-based Center for Geopolitical Expertise, has ties to Russia’s Main Intelligence Directorate (GRU), and built a server to host its…

  • Blog

    Russian hackers use RDP proxies to steal data in MiTM attacks

    The Russian hacking group tracked as APT29 (aka “Midnight Blizzard”) is using a network of 193 remote desktop protocol proxy servers to perform man-in-the-middle (MiTM) attacks to steal data and credentials and to install malicious payloads. The MiTM attacks utilized the PyRDP red team proxy tool to scan the victims’ filesystems, steal data in the background, and remotely execute rogue applications…

  • Blog

    Russian cyberspies target Android users with new spyware

    The Russian cyberespionage group Gamaredon has been discovered using two Android spyware families named ‘BoneSpy’ and ‘PlainGnome’ to spy on and steal data from mobile devices. According to Lookout, which discovered the two malware families, BoneSpy has been active since 2021, while PlainGnome emerged in 2024. Both target Russian-speaking individuals in former Soviet states. Gamaredon (aka “Shuckworm”) is believed to be part…

  • Blog

    New Android spyware found on phone seized by Russian FSB

    After a Russian programmer was detained by Russia’s Federal Security Service (FSB) for fifteen days and his phone confiscated, it was discovered that a new spyware was secretly installed on his device upon its return. The programmer, Kirill Parubets, was arrested by the FSB after being accused of donating to Ukraine. After regaining access to his mobile device, the programmer suspected…

  • Blog

    UK disrupts Russian money laundering networks used by ransomware

    A law enforcement operation led by the United Kingdom’s National Crime Agency (NCA) has disrupted two Russian money laundering networks working with criminals worldwide, including ransomware gangs. Dubbed “Operation Destabilise,” this international investigation has led to the arrest of 84 Russian-speaking suspects linked to the Smart (led by Ukrainian George Rossi) and TGR (controlled by Russian Ekaterina Zhdanova) criminal organizations.…

  • Blog

    Firefox and Windows zero-days exploited by Russian RomCom hackers

    Russian-based RomCom cybercrime group chained two zero-day vulnerabilities in recent attacks targeting Firefox and Tor Browser users across Europe and North America. The first flaw (CVE-2024-9680) is a use-after-free bug in Firefox’s animation timeline feature that allows code execution in the web browser’s sandbox. Mozilla patched this vulnerability on October 9, 2024, one day after ESET reported it. The second…

  • Blog

    US warns of last-minute Iranian and Russian election influence ops

    The U.S. Cybersecurity & Infrastructure Security Agency is warning about last-minute influence operations conducted by Iranian and Russian actors to undermine the public trust in the integrity and fairness of the upcoming presidential election. In a joint statement, CISA, the Office of the Director of National Intelligence (ODNI), and the Federal Bureau of Investigation (FBI), collectively the Intelligence Community (IC),…

  • Blog

    Russian charged by U.S. for creating RedLine infostealer malware

    The United States announced charges today against Maxim Rudometov, a Russian national, for being the suspected developer and administrator of the RedLine malware operation, one of the most prolific infostealers over the past few years. These infostealers, marketed to cybercriminals and sold via subscriptions, enable attackers to steal credentials and financial data and bypass multi-factor authentication. Rudometov was named in…

  • Blog

    NCSC warns organizations of cyber threat from Russian Foreign Intelligence

    The National Cyber Security Centre (NCSC) is warning organizations to buckle up for online attacks by Russia’s Foreign Intelligence Service (SVR). More than 20 publicly disclosed vulnerabilities have been listed in a joint advisory of US security agencies. These, it believes, can be exploited by the hacking group, APT29, also known as Midnight Blizzard, the Dukes, and Cozy Bear. The…
