Ukrainian Embassy in London
March 2, 2022
•[ hack, government ]
The Ukrainian Embassy in London has been under cyber attack amid Russia's invasion of Ukraine.
Roscosmos
March 1, 2022
•[ hack, government ]
NB65, a group of hackers affiliated with Anonymous claims to have disrupted Roscosmos, the Russian space agency, and in particular Russia's vehicle monitoring system.
Russian Ministry of Economic Development
March 1, 2022
•[ leak, government ]
The Anonymous collective claims to have leaked the database of the RUssian Ministry of Economic Development.
Russian State Space Corporation ROSCOSMOS
March 1, 2022
•[ hack, ddos, government ]
An Anonymous affiliate claimed to have shut down a control server for the "Vehicle Monitoring System" of the Russian space agency.
Unnamed engineering company with energy and military customers
February 28, 2022
•[ espionage, malware, energy ]
Researchers from Symantec/Broadcom reveal that an unnamed engineering company with energy and military customers was recently the target of the North Korean group Stonefly.
Conti
February 27, 2022
•[ leak, insider, government ]
A Ukrainian cybersecurity researcher published the biggest leak ever of files and data from Conti following Conti's publicly supporting Russia's invasion of Ukraine. Conti is a syndicate of Russian and Eastern Europe cybercriminals wanted by the FBI for conducting attacks on hundreds of US organizations and causing millions of dollars in losses. The thousands of internal documents and communications leaked include evidence that appears to suggest Conti operatives have contacts within the Russian government, including the FSB intelligence service.
UNC1151
February 27, 2022
•[ leak, government ]
GhostSec (Anonymous) released a sample of databases stolen from additional government and municipality sites across Russia. They conducted attacks against "Russian hackers" and the "hacker group GhostWriter" (a.k.a. UNC1151).
AgainstTheWest
February 27, 2022
•[ hack, malware, government ]
AgainstTheWest (ATW) claims to have attacked a department of the Administration of the Pskov Region with their own custom "wiper" malware. All data has been reportedly saved and deleted.
Ukraine border control
February 26, 2022
•[ hack, malware, government ]
A Ukraine border control station is struck with a data wiper cyberattack severely slowing the process of allowing refugees to cross into Romania.
Russian Ministry of Defense
February 25, 2022
•[ leak, government ]
Anonymous breaches a Russian Ministry of Defense database including personal contact information and leaks it online.
Aeroflot
February 25, 2022
•[ hack, ddos, government ]
Russian government entities and state-owned companies have been targeted over events in Ukraine, with the websites of the Kremlin, flagship carrier and major lender among those to have seen outages or temporary access issues.
New York State's Joint Commission on Public Ethics
February 25, 2022
•[ hack, government ]
New York government ethics watch dog is forced to shut dow all systems following an unidentified cyberattack.
Ukraine border control station
February 25, 2022
•[ hack, malware, government ]
A Ukraine border control station has been struck with a data wiper cyberattack that has slowed the process of allowing refugees to cross into Romania.
Undetermined
February 24, 2022
•[ espionage, phishing, finance ]
A phishing campaign was observed using a possibly compromised Ukrainian armed service member's email account, to target European government personnel involved in managing the logistics of refugees fleeing Ukraine. Researchers indicate there was a clear preference for targeting individuals with responsibilities related to transportation, financial and budget allocation, administration, and population movement within Europe.
Ukrainian Ministry of Internal Affairs
February 23, 2022
•[ hack, ddos, government ]
The websites of several Ukrainian banks and government departments, including the Ministry of Foreign Affairs, Ministry of Defense, Ministry of Internal Affairs, Security Service (SBU) and Cabinet of Ministers became inaccessible following a large DDoS attack. Most other sites came online within two hours of the attack but latency and outages continued into the following day for others.
Undetermined
February 23, 2022
•[ espionage, finance, government ]
More than 600 websites belonging to the defence ministry in Kyiv and other institutions suffered attacks with the launch of thousands of exploits with attempts pointed to at least 20 distinct vulnerabilities. The campaign started mid-February and peaked on 23 February. The attacks sought to infiltrate targets ranging from border defence forces to the national bank and railway authority. They were designed to steal data and explore ways to shut down or disrupt vital defence and civilian infrastructure. The Times, allegedly quoting a source at the SBU, claimed the campaign was co-ordinated by the Chinese government. The SBU went on to deny The Times report.
Armed Forces of Ukraine
February 15, 2022
•[ hack, ddos, government ]
The Ukrainian Armed Forces are hammered in a string of DDOS attacks.
Italian Agency for Tourism
February 11, 2022
•[ ransomware, malware, government ]
The Italian Agency for Tourism suffers LockBit 2.0 ransomware attack.
Air transport in Finland
February 10, 2022
•[ hack, ddos, government ]
Finland's Transport and Communications Agency, Traficom, issues a public announcement informing of an unusual spike in GPS interference near the country's eastern border.
Undetermined
February 1, 2022
•[ espionage, phishing, energy ]
Spear phishing email was sent to an employee of a Ukrainian energy organization containing malicious files that would download and install a payload known as SaintBot (a downloader) and OutSteel (a document stealer). The same threat actor group targeted a Western government entity in Ukraine, as well as several Ukrainian government organizations back in March 2021.
