Government entities in Ukraine, including its military departments, were targeted with a spearphishing email campaign intended to conduct cyber-espionage early this year, according to a new report out Tuesday from FireEye. The malware and infrastructure from the campaign suggests the group behind the attack may have been active as early as 2014, and that it’s linked with the Luhansk People’s Republic, a group that declared independence from Ukraine in 2014 with backing from Russia’s military. This year’s campaign shows the group is becoming increasingly sophisticated with its tactics. For instance, one of the malicious files was disguised as an executable .LNK file, which can leverage legitimate apps, such as Microsoft Windows configuration management framework PowerShell, to download malware. This suggests attackers wanted to go unnoticed, since PowerShell hacks are blended into a trusted process that antivirus software usually doesn’t detect. “It’s really becoming mainstream to a point where a lot […]
The post Quasi-Russian upstart reportedly targeted Ukraine in cyber-espionage campaign appeared first on CyberScoop.
Continue reading Quasi-Russian upstart reportedly targeted Ukraine in cyber-espionage campaign→