A Newly Named Group of GRU Hackers is Wreaking Havoc in Ukraine

/in


Finally, the Russia-based ransomware gang Clop went on a hacking spree that hit US government agencies and international companies including Shell and British Airways. Clop hackers carried out their cybercriminal campaign by exploiting a vulnerability in the file-transfer service MOVEit. The flaw has since been patched, but the full extent of the stolen data and list of targets remains unclear.

But that’s not all. Each week, we round up the biggest security and privacy stories we weren’t able to cover in depth ourselves. Click on the headlines to read the full stories, and stay safe out there.

As Russia has carried out its unprecedented cyberwar in Ukraine over nearly a decade, its GRU military intelligence hackers have taken center stage. The notorious GRU hacker groups Sandworm and APT28 have triggered blackouts, launched countless destructive cyberattacks, released the NotPetya malware, and even attempted to spoof results in Ukraine’s 2014 presidential election. Now, according to Microsoft, there’s a new addition to that hyper-aggressive agency’s cyberwar-focused bench.

Microsoft this week named a new group of GRU hackers that it’s calling Cadet Blizzard, and has been tracking since just before Russia’s full-scale invasion of Ukraine in February 2022. Redmond’s cybersecurity analysts now blame Cadet Blizzard for the destructive malware known as WhisperGate, which hit an array of government agencies, nonprofits, IT organizations, and emergency services in Ukraine in January 2022, just a month before Russia’s invasion began. Microsoft also attributes to Cadet Blizzard a series of web defacements and a hack-and-leak operation known as Free Civilian that dumped the data of several Ukrainian hacking victim organizations online while loosely impersonating hacktivists, another of the GRU’s trademarks.

Microsoft assesses that Cadet Blizzard appears to have the help of at least one private sector Russian firm in its hacking campaign but that it’s neither as prolific nor as sophisticated as previously known GRU groups plaguing Ukraine. But as Russia has switched up the tempo of its cyberwar, focusing on quantity rather than quality of attacks, Cadet Blizzard may play a key…

Source…