Alphabet’s Google said it had identified Russian hackers involved in spying and phishing campaigns targeting Ukraine and its European allies in recent weeks.
Google’s Threat Analysis Group, which works on preventing hackers and sending warnings about them to users, said in a post on Monday that in the past two weeks Russian hacking unit FancyBear, also known as APT28, has sent phishing emails to the Ukrainian media company UkrNet.
Russia denies using hackers to go after its enemies. Phishing messages aim to steal users’ account login information so that hackers can breach a target’s computers and online accounts.
Google did not say whether any of the attacks were successful.
In another case, Belarusian Ghostwriter/UNC1151, which Google described as a threat, has been trying to steal account credentials through phishing attempts against Polish and Ukrainian governments and military organizations.
Ukrainian cybersecurity officials said last month that Belarusian hackers are targeting the private email addresses of Ukrainian military personnel “and related individuals”.
Google also said that Mustang Panda, or Temp.Hex, which it described as being based in China, has been sending virus-laden attachments to “European entities” with filenames like “Situation on EU borders with Ukraine.zip.”
Google described the effort as a departure from the Mustang Panda’s standard focus on Southeast Asian targets.
Ukraine has publicly asked its hacking community to help secure infrastructure and carry out cyber espionage missions against Russian troops.
I have over 8 years of experience in the news industry. I have worked for various news websites and have also written for a few news agencies. I mostly cover healthcare news, but I am also interested in other topics such as politics, business, and entertainment. In my free time, I enjoy writing fiction and spending time with my family and friends.
