{"id":18374,"date":"2022-02-25T13:10:07","date_gmt":"2022-02-25T21:10:07","guid":{"rendered":"https:\/\/www.palada.net\/index.php\/2022\/02\/25\/news-12107\/"},"modified":"2022-02-25T13:10:07","modified_gmt":"2022-02-25T21:10:07","slug":"news-12107","status":"publish","type":"post","link":"https:\/\/www.palada.net\/index.php\/2022\/02\/25\/news-12107\/","title":{"rendered":"Cyber lures and threats in the context of the war in Ukraine"},"content":{"rendered":"

Credit to Author: Threat Intelligence Team| Date: Fri, 25 Feb 2022 20:59:40 +0000<\/strong><\/p>\n

The conflict between Ukraine and Russia goes a long way back, but it took a dramatic turn after the 2014 Ukrainian revolution. Since then, the war in the Donbas region has resulted in a number of casualties as well as a constant feeling of insecurity among the population.<\/p>\n

In recent months, Russia increased its pressure on Ukraine by placing more and more troops along its Eastern border. At the same time, a number of destructive cyber attacks against government websites and other organizations took place.<\/p>\n

On February 24, Russia invaded Ukraine and started a full military conflict across that nation. While the kinetic war is by far the most pressing issue, cyber threats against Ukraine and Western countries are increasing as well.<\/p>\n

In this blog, we will review some of the threats that have primarily targeted Ukraine but could also spill over globally.<\/p>\n

Constant APT attacks<\/h2>\n

The Russian APT group Gamaredon<\/a> has been actively targeting Ukraine for a number of years. However in recent months the interest has reached a new level and this was observed<\/a> in campaigns using a number of lures. We caught one such sample recently that displays a decoy PDF of 40 pages supposedly detailing Russian military training:<\/p>\n

\n