The Kremlin’s Most Devious Hacking Group Is Using Russian ISPs to Plant Spyware
The FSB cyberespionage group known as Turla seems to have used its control of Russia’s network infrastructure to meddle with web traffic and trick diplomats into infecting their computers...
Gamaredon: The Turncoat Spies Relentlessly Hacking Ukraine
For the past decade, this group of FSB hackers—including “traitor” Ukrainian intelligence officers—has used a grinding barrage of intrusion campaigns to make life hell for their former countrymen and cybersecurity defenders...
Ukrainian Minors Recruited for Cyber Ops and Reconnaissance in Russian Airstrikes
The Security Service of Ukraine (SBU or SSU) has exposed a novel espionage campaign suspected to be orchestrated by Russia's Federal Security Service (FSB) that involves recruiting Ukrainian minors for criminal activities under the guise of "quest games." Law enforcement officials said that it detain...
FSB Uses Trojan App to Monitor Russian Programmer Accused of Supporting Ukraine
A Russian programmer accused of donating money to Ukraine had his Android device secretly implanted with spyware by the Federal Security Service (FSB) after he was detained earlier this year. The findings come as part of a collaborative investigation by First Department and the University of...
Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. T...
Microsoft Warns of COLDRIVER's Evolving Evasion and Credential-Stealing Tactics
The threat actor known as COLDRIVER has continued to engage in credential theft activities against entities that are of strategic interests to Russia while simultaneously improving its detection evasion capabilities. The Microsoft Threat Intelligence team is tracking under the cluster as Star...
Turla Updates Kazuar Backdoor with Advanced Anti-Analysis to Evade Detection
The Russia-linked hacking crew known as Turla has been observed using an updated version of a known second-stage backdoor referred to as Kazuar. The new findings come from Palo Alto Networks Unit 42, which is tracking the adversary under its constellation-themed moniker Pensive Ursa. "As the code...
Kaspersky Says New Zero-Day Malware Hit iPhones—Including Its Own
On the same day, Russia’s FSB intelligence service launched wild claims of NSA and Apple hacking thousands of Russians...
The Underground History of Turla, Russia's Most Ingenious Hacker Group
From USB worms to satellite-based hacking, Russia’s FSB hackers, known as Turla, have spent 25 years distinguishing themselves as “adversary number one.”...
FBI, GCHQ Unite To Foil Russian Malware Hacking Tool
By Owais Sultan. A joint advisory from the National Cyber Security Centre has detailed how the UK and its allies have cracked Snake, a Russian malware used by the FSB. This is a post from HackRead.com.
Actors, Threats and Vulnerabilities 08 to 14 May 2023
Summary: HiveForce Labs recently made several significant discoveries related to cybersecurity threats. Over the past week, it identified a total of nine attacks that were executed. Additionally, HiveForce Labs identified four different...
Snake a Stealthy Cyber-Espionage Malware
Summary: Snake is a powerful cyber-espionage malware developed by FSB & linked to Turla hackers. Boasts high stealth, rigorous engineering & global reach...
Hunting Russian Intelligence “Snake” Malware
Summary: The Snake implant is considered the most sophisticated cyber espionage tool designed and used by Center 16 of Russia’s Federal Security Service (FSB) for long-term intelligence collection on sensitive targets. To conduct operations using this tool, the FSB created a covert peer-to-peer (P2P)...
Turla, a Russian Espionage Group, Piggybacked on Other Hackers' USB Infections
The infamous, FSB-connected Turla group took over other hackers' servers, exploiting their USB drive malware for targeted espionage...
Russian Hackers Targeted Petroleum Refinery in NATO Country During Ukraine War
The Russia-linked Gamaredon group unsuccessfully attempted to break into a large petroleum refining company within a NATO member state earlier this year amid the ongoing Russo-Ukrainian war. The attack, which took place on August 30, 2022, is just one of multiple intrusions orchestrated by the...
Fronton: Russian IoT Botnet Designed to Run Social Media Disinformation Campaigns
Fronton, a distributed denial-of-service (DDoS) botnet that came to light in March 2020, is much more powerful than previously thought, per the latest research. "Fronton is a system developed for coordinated inauthentic behavior on a massive scale," threat intelligence firm Nisos said in a report...
Ransomware: April 2022 review
The Malwarebytes Threat Intelligence team monitors the threat landscape continuously and produces monthly ransomware reports based on a mixture of proprietary and open-source intelligence. April 2022 was most notable for the emergence of three new ransomware-as-a-service (RaaS) groups—Onyx, Mindwar...
Ukraine Leaks Personal Details of 620 Alleged FSB Agents
By Deeba Ahmed. The Ukrainian Defense Ministry's Directorate of Intelligence claims the personal data includes names, phone numbers, addresses, vehicle license… This is a post from HackRead.com.
DOJ Indicts Russian Gov’t Employees Over Targeting Power Sector
The U.S. Department of Justice (DOJ) has indicted four Russian government employees in connection to plots to cyber-fry critical infrastructure in the United States and beyond, including at least one nuclear power plant. The campaigns involved one of the most dangerous malwares ever encountered in...
Conti Leaks Reveal the Ransomware Group’s Links to Russia
Members of the Conti ransomware group may act in Russia’s interest, but their links to the FSB and Cozy Bear hackers appear ad hoc...