The division Threat Analysis Group (Tag) di Google announces that he has spotted two phishing campaigns linked to Russian and Belarusian groups. These are hacker groups close to Russian espionage, which allegedly attacked several Ukrainian users in recent days.
Google reports new Russian and Belarusian phishing campaigns
Google’s first report concerns the campaigns of FancyBear/APT28a group of cyber criminals close to the TOWER CRANE, the Russian military intelligence service. According to Google, the group has conducted phishing campaigns against ukr.net users, trying to steal their credentials. The emails contained links to sites that Google removed.
Another attacker is the group Ghostwriter/UNC1151, a Belarusian group. Which in recent weeks has conducted several operations to steal the credentials of various personalities in the Ukrainian and also the Polish government, as well as individuals in the armed forces and even ordinary users. Again, Google explains that it has blocked attack vectors.
If Google’s email service has made it possible to evaluate and block phishing campaigns, they are not the only attack methods that the Mountain View giant reports. In fact, glDDoS attacks against several Ukrainian sites. Among these, particularly relevant are those against the site of the Ministry of Foreign Affairs, of the Interior as well as services such as Liveuamap. All sites where i civilians can find information for your own safety.
Google comments: “We will continue to act, identify attackers and share relevant information with other industry experts and governments with the aim of raising awareness of these issues, protecting users and preventing future attacks.”
Leave a Reply
View Comments