Next Wave of Ukraine Attacks – DDoS, Malicious Tools, and Infrastructure Disruptions


 

There have been active cyberattacks against the governments and companies of both countries since the beginning of the Russia-Ukraine war. Researchers have discovered three different attacks against Ukraine: DDoS, malware, and infrastructure disruption.

 

Attack by DDoS

Cybercriminals used WordPress sites to install malicious software that utilises users’ browsers to launch DDoS attacks on Ukrainian websites.

A WordPress site was hacked in order to deploy this script, which was used to launch DDoS attacks on ten Ukrainian websites. Apart from a sluggish web browser, the attack happens in the background, without the user’s knowledge.

Government offices, think tanks, financial sites, recruiting sites for the International Legion of Defense of Ukraine, and other pro-Ukraine websites are among the sites targeted.

Disruption of infrastructure

Meanwhile, Ukrtelecom, a fixed-line telecommunications company, has become the target of yet another attack. It was one of the most serious since the Russian invasion, disrupting services throughout the nation.

It was unclear whether Ukrtelecom was subjected to a DDoS attack or a more sophisticated intrusion.

Ukrtelecom acknowledged the attack in response to customer comments on Facebook.

An assault with ransomware

Ukraine's CERT (CERT-UA) has issued a warning about the GhostWriter APT group’s use of Cobalt Strike Beacon to target governmental entities.

The Belarus-based APT group carried out a spear-phishing campaign.

The phishing emails carry a Saboteurs[.]rar archive, which contains the RAR archive Saboteurs 21[.]03[.]rar.

Cobalt Strike Beacon, a malicious application, is delivered at the end of the attack chain.

Conclusion

In parallel with the Russian invasion, there has been a significant surge in cyberattacks directed at Ukraine. Further cyberattacks may be launched against Ukrainian targets, so government entities and enterprises should heed the CERT-UA warning to stay safe.

By IEMA IEMLabs
