Network Security, Threat Intelligence, Malware

Ukraine impacted by escalating Russian financially motivated intrusions

Malware analysis

Ukrainian networks were reported by the country's Computer Emergency Response Team to have been subjected to mounting attacks by novel financially motivated Russian threat actors since the second half of 2023, according to The Record, a news site by cybersecurity firm Recorded Future.

Attacks by such threat operations, which accounted for almost 40% of all intrusions against Ukraine during the last six months of 2023, commonly involved phishing campaigns that aimed to deploy RemcosRAT, LummaStealer, and other remote access software and information-stealing malware payloads, said CERT-UA.

Despite improved targeting, threat actors looking to compromise Ukraine are likely to continue attacking the country's telecommunications sector with both kinetic and cyberattacks, with the latter meant to advance intelligence-gathering efforts, the report said.

"The emergence of new actors suggests a deliberate strategy by Russia to diversify its cyberwarfare arsenal. These groups may possess unique skill sets or specialize in specific operational objectives," said CERT-UA Chief Yevheniia Volivnyk.

An In-Depth Guide to Network Security

Get essential knowledge and practical strategies to fortify your network security.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms of Use and Privacy Policy.

You can skip this ad in 5 seconds