North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware
Summary: An ongoing cyber campaign targeting freelance software developers has been linked to North Korean hacking groups, utilizing job interview lures to distribute two malware families, BeaverTail and InvisibleFerret. The campaign, named DeceptiveDevelopment, primarily aims to steal cryptocurrency information, employing fake recruiter profiles and infected codebases on popular platforms.…
Russia-Linked Actors Exploiting Signal Messenger’s “Linked Devices” Feature for Espionage in Ukraine 
The Google Threat Intelligence Group has revealed that Russia-aligned threat actors are conducting a cyber espionage operation targeting Signal Messenger accounts, specifically focusing on military personnel, politicians, journalists, and activists. This campaign involves using phishing attacks, malware, and manipulations of Signal’s linked devices functionality to access sensitive communications.…
Cracked Games, Cryptojacked PCs: The StaryDobry Campaign
Summary: A cyber campaign named StaryDobry targeted users globally, distributing the XMRig cryptominer through trojanized versions of popular games shared on torrent sites during the holiday season. The sophisticated malware incorporated multiple evasion techniques to prevent detection and primarily affected individual users, with notable cases in Russia, Brazil, Germany, Belarus, and Kazakhstan.…
Australian Critical Infrastructure Faces ‘Acute’ Foreign Threats
Summary: Australian intelligence warns that foreign nations are increasingly attempting to sabotage the country’s critical infrastructure, utilizing advanced technologies like AI for espionage and disinformation. ASIO’s annual threat assessment highlights the imminent threats posed by authoritarian regimes aiming to disrupt operational capabilities and social cohesion in Australia.…
Hackers Exploit Signal’s Linked Devices Feature to Hijack Accounts via Malicious QR Codes
Summary: Multiple Russia-aligned threat actors are exploiting the Signal messaging app to gain unauthorized access to user accounts through malicious QR codes and phishing tactics. These codes, disguised as legitimate invites or alerts, allow attackers to link their devices to victims’ accounts, enabling real-time eavesdropping on conversations.…
Russian state hackers spy on Ukrainian military through Signal app
Summary: Russian state-backed hackers are increasingly targeting Signal messenger accounts, especially those used by Ukrainian military personnel and officials, in an effort to gather sensitive information. Google’s security team reported that the use of phishing techniques, including exploiting Signal’s “linked devices” feature, has made these accounts particularly vulnerable.…
How Russian Hackers Are Exploiting Signal ‘Linked Devices’ Feature for Real-Time Spying
Summary: Mandiant has raised concerns over multiple Russian hacking groups exploiting Signal Messenger’s “linked devices” feature to intercept communications by tricking users into linking their devices. This method allows attackers to receive real-time copies of messages without breaching encryption. The misuse of this feature poses significant risks to users, especially military personnel, politicians, journalists, and activists.…
Cracked Garry’s Mod, BeamNG.drive games infect gamers with miners
Summary: The “StaryDobry” malware campaign targeted gamers with trojanized versions of popular games like Garry’s Mod and BeamNG.drive, leading to extensive cryptominer infections. It began in late December 2024, employing a sophisticated multi-stage infection process that utilized torrents to distribute the harmful payload. Kaspersky has linked this campaign to a Russian-speaking actor but could not definitively attribute it to any known threat group.…

Victim: Bushmans
Country: US
Actor: play
Source: http://mbrlkbtq5jonaqkurjwmxftytyn2ethqvbxfu4rgjbkkknndqwae6byd.onion/index.php?page=1topic.php?id=tLUJgCWZHJuDk4
Discovered: 2025-02-17 21:44:23.850392
Published: 2025-02-17 21:42:53.814246
Description: Geography: The United States is located in North America, bordered by Canada to the north and Mexico to the south. Government: The U.S. operates as a federal republic, with a system of government that includes the executive, legislative, and judicial branches.…
Russian State Hackers Target Organizations With Device Code Phishing
Summary: A Russia-linked threat actor, tracked as Storm-2372, is executing a widespread device code phishing campaign targeting various sectors including government and private organizations globally. Using authentication codes to bypass conventional security measures, the actor has successfully compromised numerous accounts while maintaining persistence through stolen tokens.…
Summary: Microsoft Threat Intelligence unveiled the BadPilot campaign, a cyber espionage operation by the Russian hacking group Seashell Blizzard, which has been active since 2021. Targeting critical sectors and government organizations globally, the subgroup utilizes sophisticated techniques to maintain persistent access to compromised systems, especially in geopolitically significant regions.…
Estonian spy chief: ‘Hybrid schmybrid, what’s happening is attacks’
Summary: The head of the Estonian Foreign Intelligence Service, Kaupo Rosin, critiqued the term “hybrid” used to describe Russian tactics of sabotage and subversion, calling it misleading and insufficient. He emphasized the need for stronger measures against threats, citing Estonia’s proactive legal framework and significant military support to Ukraine.…
APT44: The Evolution of a Cyber Threat – From Power Grid Attacks to the BadPilot Campaign
APT44, a Russian state-sponsored hacking group, has conducted numerous high-profile cyberattacks targeting critical infrastructure and government entities globally, such as the Ukrainian power grid and the NotPetya malware attack. Their recent ‘BadPilot’ campaign demonstrates a continued effort to breach various sectors, highlighting an ongoing threat to cybersecurity.…
GZR Observer Daily, Feb 15, 2025
The article discusses China’s expanding influence in the Pacific region through multiple cooperation agreements with the Cook Islands. It also highlights various geopolitical issues, economic developments, and cybersecurity threats faced by different countries, emphasizing the complex international landscape. Affected: Cook Islands, China, U.S., Ukraine, Sudan, Hong Kong, Russia, organizations using SonicWall and Palo Alto Networks firewalls

Key points:

China signed multiple cooperation agreements with the Cook Islands to strengthen its economic presence in the Pacific.…