Threat Intelligence, Network Security
US-sanctioned entity involved in Russian independent media hack

One-third of the denial-of-service attack traffic against independent Russian media organizations IStories and Verstka in mid-June came from the high-risk Russian hosting provider Biterika, which is owned by Valentina Alenshina, who has also been working as a software engineer in a tech center of the U.S.-sanctioned Moscow Institute of Electronic Technology, reports The Record, a news site by cybersecurity firm Recorded Future.
Alenshina may have strengthened Biterika with technical infrastructure from the state-backed entity, with almost 10,000 IP addresses from the old AS208475 network transferred to Biterika, according to an analysis from Swedish digital forensics firm Qurium. "Her case serves as a cautionary example of how sanctioned entities may still exert operational influence through affiliated individuals and independently registered technical assets," said Qurium researchers. Such findings come after the advanced persistent threat operation Blind Eagle, also known as APT-C-36, APT-Q-98, and AguilaCiega, was reported by Trustwave to have used Proton66, a Russian bulletproof hosting service, in recent phishing attacks.