Ukrainian networks were reported by the country's Computer Emergency Response Team to have been subjected to mounting attacks by novel financially motivated Russian threat actors since the second half of 2023, according to The Record, a news site by cybersecurity firm Recorded Future.
Attacks by such threat operations, which accounted for almost 40% of all intrusions against Ukraine during the last six months of 2023, commonly involved phishing campaigns that aimed to deploy RemcosRAT, LummaStealer, and other remote access software and information-stealing malware payloads, said CERT-UA.
Despite improved targeting, threat actors looking to compromise Ukraine are likely to continue attacking the country's telecommunications sector with both kinetic and cyberattacks, with the latter meant to advance intelligence-gathering efforts, the report said.
"The emergence of new actors suggests a deliberate strategy by Russia to diversify its cyberwarfare arsenal. These groups may possess unique skill sets or specialize in specific operational objectives," said CERT-UA Chief Yevheniia Volivnyk.