Home Security Researchers Determine 3 Hacktivist Teams Supporting Russian Pursuits

Researchers Determine 3 Hacktivist Teams Supporting Russian Pursuits

by crpt os


At least three alleged hacktivist groups working in support of Russian interests are likely doing so in collaboration with state-sponsored cyber threat actors, according to Mandiant.

The Google-owned threat intelligence and incident response firm said with moderate confidence that “moderators of the purported hacktivist Telegram channels ‘XakNet Team,’ ‘Infoccentr,’ and ‘CyberArmyofRussia_Reborn’ are coordinating their operations with Russian Main Intelligence Directorate (GRU)-sponsored cyber threat actors.”

Mandiant’s assessment is based on evidence that the leakage of data stolen from Ukrainian organizations occurred within 24 hours of malicious wiper incidents undertaken by the Russian nation-state group tracked as APT28 (aka Fancy Bear, Sofacy, or Strontium).

CyberSecurity

To that end, four of the 16 data leaks from these groups coincided with disk wiping malware attacks by APT28 that involved the use of a strain dubbed CaddyWiper.

APT28, active since at least 2009, is associated with the Russian military intelligence agency, the General Staff Main Intelligence Directorate (GRU), and drew public attention in 2016 for the breaches of the Democratic National Committee (DNC) in the run-up to the U.S. presidential election.

APT28

While the so-called hacktivist groups have conducted distributed denial-of-service (DDoS) attacks and website defacements to target Ukraine, indications are that these fake personas are a front for information operations and destructive cyber activities.

That said, the exact nature of the relationship and the degree of affiliation with the Russian state remains unknown, although it suggests either direct involvement from GRU officers themselves or through the moderators running the Telegram channels.

CyberSecurity

This line of reasoning is substantiated by XakNet’s leak of a “unique” technical artifact that APT28 utilized in its compromise of a Ukrainian network and the fact that CyberArmyofRussia_Reborn’s data releases are preceded by APT28 intrusion operations.

The cybersecurity company noted it also unearthed some level of coordination between the XakNet Team and Infoccentr as well as the pro-Russia group KillNet.

“The war in Ukraine has also presented novel opportunities to understand the totality, coordination, and effectiveness of Russia cyber programs, including the use of social media platforms by threat actors,” Mandiant said.





Source link

Related Articles

xxxanti beeztube.mobi hot sexy mp4 menyoujan hentaitgp.net jason voorhees hentai indian soft core chupatube.net youjzz ez2 may 8 2023 pinoycinema.org ahensya ng pamahalaan pakistani chut ki chudai pimpmovs.com www xvedio dost ke papa zztube.mobi 300mbfilms.in صور مص الزب arabporna.net نهر العطش لمن تشعر بالحرمان movierulz plz.in bustyporntube.info how to make rangoli video 穂高ゆうき simozo.net 四十路五十路 ロシアav javvideos.net 君島みお 無修正 افلام سكس في المطبخ annarivas.net فيلم سكس قديم rashmi hot videos porncorn.info audiosexstories b grade latest nesaporn.pro high school girls sex videos real life cam eroebony.info painfull porn exbii adult pics teacherporntrends.com nepali school sex