July 12, 2024
Latvia says Russian hackers tried to phish its Ministry of Defence

Russian hackers are being blamed for an attempted phishing attack against the Latvian Ministry of Defence.

Gamaredon, a Russian state-sponsored cyberespionage group, used a domain name (admou[.]org) previously linked to the gang in earlier attacks designed to steal information and gain access to networks run by Ukraine and its allies.

Researchers at French security outfit Sekoia explained that the hackers sent spear phishing emails to the Latvian MoD while posing as officials of the Ukrainian Ministry of Defence.

It seems that at least one of the recipients was suspicious of the message and its attachment, as it was uploaded to the VirusTotal service for scanning.

Smuggled inside the email attachment was malicious code which launched a series of processes, designed to help hackers steal information from their intended targets inside Latvia’s Ministry of Defence.

As The File describes, what made the investigation into the attack unusual is that after the Gamaredon hacking group realised its attack was being investigated, it started to communicate with the researchers:

A CERT-LV spokesperson told The File that hackers sent a meme depicting a Russian bear holding a paw on Ukraine, while the U.S. and EU attempt to contain it.

FSB-linked Gamaredon (which is also known as Actinium, Armageddon, Iron Tilden, Primitive Bear, Shuckworm, Trident Ursa, and Winterflounder) has been attacking organisations outside of Russia for at least ten years.

Last year, for instance, Gamaredon hackers reportedly tried to hack into a petroleum-refining company located in a NATO country, and targeted military and government institutions in Ukraine with boobytrapped Word documents.

The Latvian Ministry of Defence says that the attempted phishing attack launched against it by the Gamaredon group was unsuccessful.

Latvia’s Computer Emergency Readiness Team (CERT-LV) says that cyberattacks in the country have risen 30% since the start of the war in Ukraine, with the most serious threats posed by pro-Russian hacktivists and Kremlin-backed hackers targeting critical infrastructure, businesses, and Latvia’s government.