April 01, 2022

Cybercriminals Using War to Phish Victims

Cybersecurity researchers at Google’s Threat Analysis Group (TAG) claim that government-backed hacking groups in Russia, China, North Korea, and Iran, plus various other cybercriminal groups, are using the Russia-Ukraine war to phish victims and steal login credentials, sensitive information and money.

One Russian hacking group, named ‘Coldriver’ or ‘Calisto’, is targeting US NGOs, think tanks, Eastern European and Balkan militaries, defence contractors, and even NATO through phishing emails sent from fresh Gmail accounts. Another example is ‘Ghostwriter’, a Belarusian group that orchestrates browser-in-the-browser attacks, spoofing legitimate websites and domains to steal credentials.

TAG has also warned about the ‘Curious Gorge’ hacker group, which seems to be linked to the cyberwarfare branch of the Chinese military. The group seems to be conducting hacking campaigns against military organisations in Kazakhstan, Mongolia, Russia, and Ukraine.

Other non-state-sponsored cybercriminal groups are taking advantage of the war by impersonating military personnel and demanding payment for supposedly rescuing Ukrainian relatives. Google’s TAG has committed to continued action in identifying these malicious actors and sharing all relevant information with governments and industry so that we are aware of these issues and can try to protect our users as best as we can.
