Ukrainian soldiers
Ukrainian soldiers sit on an armored military vehicle. Photo: Fadel Senna/AFP
CyberEuropeTechnology

Pro-Russia Hackers Attack Ukrainian Military: Report

Photo of Rojoef Manuel Rojoef ManuelJune 10, 2024
1 minute read

Ukraine is investigating a digital breach involving a pro-Russian cyber group targeting the armed forces.

An analysis published by the Ukrainian government’s Computer Emergency Response Team (CERT-UA) explained that the actors employed “Spectr,” a malware program hidden in legitimate programs to steal critical data including files and passwords.

The report stated that Spectr was concealed in SyncThing, software designed to consolidate content across local or remote networks.

According to CERT-UA, such an attack is typically facilitated with a decoy PDF file, an EXE installation launcher containing the virus, and a BAT file to run associated commands on the compromised device.

This tactic enables the change of a user’s directory names, calendars, and notifications.

Spectr can also copy information from removable USB devices, social media applications, and internet browsers.

Additionally, the virus can take images of a victim’s screen every 10 seconds when triggered by projected words such as “mail” and “drive.”

From Luhansk People’s Republic

CERT-UA said that the group involved in the incidents was Vermin, a hacking group that gained notoriety following Russia’s invasion of Ukraine in 2022.

The entity is known to operate under the Luhansk People’s Republic, a council backed by Moscow in the occupied eastern territories of Ukraine.

An event related to Vermin was recorded in 2022, which saw the distribution of the Spectr malware across emails affiliated with the Ukrainian Ministry of Defense and other state agencies.

Securing Digital Capabilities

CERT-UA urged users to implement measures against Vermin, Spectr, and other digital threats.

The agency also recommended monitoring interactions with the SyncThing infrastructure and its corresponding “.syncthing.net” domains.

“In order to minimize the likelihood of cyber threats, we urge the persons responsible for the cyber security of the Armed Forces to immediately contact the Cyber ​​Security Center of the Armed Forces for the purpose of obtaining and further installation on all computers without exception appropriate protection technologies,” the agency said.

“In addition, please make sure that there are settings on edge network devices for transmission of network connection.”

Tags
Photo of Rojoef Manuel Rojoef ManuelJune 10, 2024
1 minute read

Related Articles

NATO defense ministers meet for two days of meetings at the alliance's headquarters, Brussels, Belgium, June 27, 2019. (DoD photo by Lisa Ferdinando)

NATO to Establish Integrated Cybersecurity Center in Europe

July 12, 2024
destroyed Russian tank

Russia Develops Counter-Drone ‘Umbrella’ System After FPV Losses

July 12, 2024
tomahawk cruise missile

US Plan to Deploy Long-Range Missiles in Germany Signals Cold War: Russia

July 12, 2024
155-millimeter artillery ammunition is manufactured at Rheinmetall

Russian Planned Assassination of Rheinmetall CEO: CNN

July 11, 2024
F-16

NATO Allies Begin Transfer of F-16 Jets to Ukraine

July 11, 2024
Sea King helicopter

Norway to Donate Sea King Helicopter Spare Parts to Ukraine

July 10, 2024
Huawei logo

China-Made Tech Discovered at Taiwanese Army Base

July 10, 2024
Indonesian soldiers

Indonesia Urged to Create Separate Military Branch for Cyber Warfare

July 10, 2024
Personnel wearing Future Soldier System (SISCAP) augmented reality equipment

Indra Demos Tactical Augmented Reality Tech for Spanish Army

July 10, 2024
Kim Il Sung Military University

N. Korean Soldiers Depart for Russia Amid Ukraine War: Report

July 10, 2024
Back to top button