La Republique En Marche
March 3, 2022
•[ hack, ddos, government ]
Killnet targeted La R''publique En Marche (LREM) website during the French election in what they claim to be retaliation for France's alleged supplies of military aid to Ukraine. The threat actors saturated the server by multiplying false connections, rendering the site inactive for a few hours.
VadaTech
March 2, 2022
•[ ransomware, leak, malware ]
Lorenz executed exfiltration of data and ransomeware in targeted network. Data presented on dark web "leak site"
Ukrainian Embassy in London
March 2, 2022
•[ hack, government ]
The Ukrainian Embassy in London has been under cyber attack amid Russia's invasion of Ukraine.
Roscosmos
March 1, 2022
•[ hack, government ]
NB65, a group of hackers affiliated with Anonymous claims to have disrupted Roscosmos, the Russian space agency, and in particular Russia's vehicle monitoring system.
Russian Ministry of Economic Development
March 1, 2022
•[ leak, government ]
The Anonymous collective claims to have leaked the database of the RUssian Ministry of Economic Development.
Russian State Space Corporation ROSCOSMOS
March 1, 2022
•[ hack, ddos, government ]
An Anonymous affiliate claimed to have shut down a control server for the "Vehicle Monitoring System" of the Russian space agency.
Unnamed engineering company with energy and military customers
February 28, 2022
•[ espionage, malware, energy ]
Researchers from Symantec/Broadcom reveal that an unnamed engineering company with energy and military customers was recently the target of the North Korean group Stonefly.
Conti
February 27, 2022
•[ leak, insider, government ]
A Ukrainian cybersecurity researcher published the biggest leak ever of files and data from Conti following Conti's publicly supporting Russia's invasion of Ukraine. Conti is a syndicate of Russian and Eastern Europe cybercriminals wanted by the FBI for conducting attacks on hundreds of US organizations and causing millions of dollars in losses. The thousands of internal documents and communications leaked include evidence that appears to suggest Conti operatives have contacts within the Russian government, including the FSB intelligence service.
UNC1151
February 27, 2022
•[ leak, government ]
GhostSec (Anonymous) released a sample of databases stolen from additional government and municipality sites across Russia. They conducted attacks against "Russian hackers" and the "hacker group GhostWriter" (a.k.a. UNC1151).
AgainstTheWest
February 27, 2022
•[ hack, malware, government ]
AgainstTheWest (ATW) claims to have attacked a department of the Administration of the Pskov Region with their own custom "wiper" malware. All data has been reportedly saved and deleted.
Ukraine border control
February 26, 2022
•[ hack, malware, government ]
A Ukraine border control station is struck with a data wiper cyberattack severely slowing the process of allowing refugees to cross into Romania.
Russian Ministry of Defense
February 25, 2022
•[ leak, government ]
Anonymous breaches a Russian Ministry of Defense database including personal contact information and leaks it online.
Aeroflot
February 25, 2022
•[ hack, ddos, government ]
Russian government entities and state-owned companies have been targeted over events in Ukraine, with the websites of the Kremlin, flagship carrier and major lender among those to have seen outages or temporary access issues.
New York State's Joint Commission on Public Ethics
February 25, 2022
•[ hack, government ]
New York government ethics watch dog is forced to shut dow all systems following an unidentified cyberattack.
Ukraine border control station
February 25, 2022
•[ hack, malware, government ]
A Ukraine border control station has been struck with a data wiper cyberattack that has slowed the process of allowing refugees to cross into Romania.
Undetermined
February 24, 2022
•[ espionage, phishing, finance ]
A phishing campaign was observed using a possibly compromised Ukrainian armed service member's email account, to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. Researchers indicate there was a clear preference for targeting individuals with responsibilities related to transportation, financial and budget allocation, administration, and population movement within Europe.
Ukrainian Ministry of Internal Affairs
February 23, 2022
•[ hack, ddos, government ]
The websites of several Ukrainian banks and government departments, including the Ministry of Foreign Affairs, Ministry of Defense, Ministry of Internal Affairs, Security Service (SBU) and Cabinet of Ministers became inaccessible following a large DDoS attack. Most other sites came online within two hours of the attack but latency and outages continued into the following day for others.
Undetermined
February 23, 2022
•[ espionage, finance, government ]
More than 600 websites belonging to the defence ministry in Kyiv and other institutions suffered attacks with the launch of thousands of exploits with attempts pointed to at least 20 distinct vulnerabilities. The campaign started mid-February and peaked on 23 February. The attacks sought to infiltrate targets ranging from border defence forces to the national bank and railway authority. They were designed to steal data and explore ways to shut down or disrupt vital defence and civilian infrastructure. The Times, allegedly quoting a source at the SBU, claimed the campaign was co-ordinated by the Chinese government. The SBU went on to deny The Times report.
Armed Forces of Ukraine
February 15, 2022
•[ hack, ddos, government ]
The Ukrainian Armed Forces are hammered in a string of DDOS attacks.
Italian Agency for Tourism
February 11, 2022
•[ ransomware, malware, government ]
The Italian Agency for Tourism suffers LockBit 2.0 ransomware attack.
