Advertisement

Ukraine targeted by Russian, Belarusian phishing campaigns, cyberattacks: Google

Click to play video: 'Ukraine’s refugees scramble as heavy Russian bombings continue'
Ukraine’s refugees scramble as heavy Russian bombings continue
WATCH: Ukraine's refugees scramble as heavy Russian bombings continue – Mar 7, 2022

Alphabet Inc’s Google says it has seen Russian hackers well-known to law enforcement, including FancyBear, engaging in espionage, phishing campaigns and other attacks targeting Ukraine and its European allies in recent weeks.

Google’s Threat Analysis Group, which focuses on disrupting computer hackers and issuing warnings about them to users, said in a blog post on Monday that over the past two weeks Russian hacking unit FancyBear, also known as APT28, has been sending phishing emails to Ukrainian media company UkrNet.

Russia denies using hackers to go after its foes. Phishing messages aim to steal account login information from users, so that hackers can breach a target’s computers and online accounts.

Google did not say whether any of the attacks had been successful.

Story continues below advertisement

Ghostwriter/UNC1151, which Google described as a Belarusian threat actor, has been trying to steal account credentials through phishing attempts on Polish and Ukrainian government and military organizations.

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.

Get breaking National news

For news impacting Canada and around the world, sign up for breaking news alerts delivered directly to you when they happen.
By providing your email address, you have read and agree to Global News' Terms and Conditions and Privacy Policy.

Ukrainian cybersecurity officials last month had said hackers from neighboring Belarus are targeting the private email addresses of Ukrainian military personnel “and related individuals.”

Google also said Mustang Panda, or Temp.Hex, which the company described as China-based, has been sending virus-laden attachments to “European entities” with file names such as “Situation at the EU borders with Ukraine.zip.”

Click to play video: 'Russia-Ukraine conflict: NATO chief warns Russia that cyber attacks can trigger NATO Charter Article 5'
Russia-Ukraine conflict: NATO chief warns Russia that cyber attacks can trigger NATO Charter Article 5

Google described the effort as a deviation from Mustang Panda’s standard focus on Southeast Asian targets.

Russian and Ukrainian hackers have traded online attacks, such as defacing government websites, since Russia invaded Ukraine last month. Ukraine publicly has called on its hacker community to help protect infrastructure and conduct cyber spying missions against Russian troops. Read full story

Story continues below advertisement

The Russian incursion into Ukraine is the biggest attack on a European state since World War Two.

Russia calls its actions in Ukraine a “special operation” that it says is not designed to occupy territory but to destroy its southern neighbour’s military capabilities and capture what it regards as dangerous nationalists.

(Reporting by Paresh Dave; Editing by Michael Perry)

Sponsored content

AdChoices