Russian

  • Blog
    digitpatrox3 weeks ago
    39

    Google links new LostKeys data theft malware to Russian cyberspies

    Since the start of the year, the Russian state-backed ColdRiver hacking group has been using new LostKeys malware to steal files in espionage attacks targeting Western governments, journalists, think tanks, and non-governmental organizations. In December, the United Kingdom and Five Eyes allies linked ColdRiver to Russia’s Federal Security Service (FSB), the country’s counterintelligence and internal security service. Google Threat Intelligence…

    Read More »
  • Blog
    digitpatrox3 weeks ago
    38

    Russian hackers tried to lure diplomats with wine tasting – sound familiar? It’s an update to a previous campaign by the notorious Midnight Blizzard group

    Notorious Russian threat group Midnight Blizzard has been mixing up its attack methods in recent months, according to analysis from Check Point, including targeting European diplomats with the lure of luxury events. In a blog post detailing the campaign, researchers said the threat group has been targeting European governments and diplomats since January this year. The campaign saw hackers impersonate…

    Read More »
  • Blog
    digitpatroxApril 23, 2025
    45

    Russian army targeted by new Android malware hidden in mapping app

    A new Android malware has been discovered hidden inside trojanized versions of the Alpine Quest mapping app, which is reportedly used by Russian soldiers as part of war zone operational planning. Attackers promote the trojanized app as a free, cracked version of the premium Alpine Quest Pro, using Telegram channels and Russian app catalogs for distribution. AlpineQuest is a legitimate GPS…

    Read More »
  • Blog
    digitpatroxApril 20, 2025
    132

    Chinese hackers target Russian govt with upgraded RAT malware

    Chinese-speaking IronHusky hackers are targeting Russian and Mongolian government organizations using upgraded MysterySnail remote access trojan (RAT) malware. Security researchers at Kaspersky’s Global Research and Analysis Team (GReAT) spotted the updated implant while investigating recent attacks where the attackers deployed the RAT malware using a malicious MMC script camouflaged as a Word document, which downloaded second-stage payloads and gained persistence on…

    Read More »
  • Blog
    digitpatroxApril 10, 2025
    82

    Russian hackers attack Western military mission using malicious drive

    The Russian state-backed hacking group Gamaredon (aka “Shuckworm”) has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. Symantec threat researchers say the campaign started in February 2025 and continued until March, with hackers deploying an updated version of the GammaSteel info-stealing malware to exfiltrate data. According to the report, initial access to…

    Read More »
  • Blog
    digitpatroxMarch 4, 2025
    85

    DHS says CISA will not stop monitoring Russian cyber threats

    The US Cybersecurity and Infrastructure Security Agency says that media reports about it being directed to no longer follow or report on Russian cyber activity are untrue, and its mission remains unchanged. “CISA’s mission is to defend against all cyber threats to U.S. Critical Infrastructure, including from Russia,” the US cyber agency posted to X. “There has been no change in…

    Read More »
  • Blog
    digitpatroxFebruary 19, 2025
    124

    Russian phishing campaigns exploit Signal’s device-linking feature

    Russian threat actors have been launching phishing campaigns that exploit the legitimate “Linked Devices” feature in the Signal messaging app to gain unauthorized access to accounts of interest. Over the past year, researchers observed phishing operations attributed to Russian state-aligned groups that used multiple methods to trick targets into linking their Signal account to a device controlled by the attacker.…

    Read More »
  • Blog
    digitpatroxFebruary 11, 2025
    118

    Russian military hackers deploy malicious Windows activators in Ukraine

    The Sandworm Russian military cyber-espionage group is targeting Windows users in Ukraine with trojanized Microsoft Key Management Service (KMS) activators and fake Windows updates. These attacks likely started in late 2023 and have now been linked by EclecticIQ threat analysts with Sandworm hackers based on overlapping infrastructure, consistent Tactics, Techniques and Procedures (TTPs), and frequently used ProtonMail accounts to register…

    Read More »
  • Blog
    digitpatroxFebruary 7, 2025
    100

    HPE notifies employees of data breach after Russian Office 365 hack

    Hewlett Packard Enterprise (HPE) is notifying employees whose data was stolen from the company’s Office 365 email environment by Russian state-sponsored hackers in a May 2023 cyberattack. According to filings with Attorney General offices in New Hampshire and Massachusets, HPE started sending the breach notification letters last month to at least 16 people who had their driver’s licenses, credit card…

    Read More »
  • Blog
    digitpatroxJanuary 8, 2025
    117

    Russian ISP confirms Ukrainian hackers “destroyed” its network

    ​Ukrainian hacktivists, part of the Ukrainian Cyber Alliance group, announced on Tuesday they had breached Russian internet service provider Nodex’s network and wiped hacked systems after stealing sensitive documents. “The Russian internet provider Nodex in St. Petersburg was completely looted and wiped. Data exfiltrated, while the empty equipment without backups was left to them,” the Ukrainian hacktivists announced yesterday on…

    Read More »
Load More
Back to top button
close