Google security team: Hackers lure victims with files on Ukraine war5. May 2022
Google security team: Hackers lure victims with files on Ukraine war
San Francisco, 5/5/2022
According to Google, state-backed hackers and cybercriminals from China, Iran, North Korea and Russia are increasingly using the Russian-Ukrainian war theme.
One of the main threat actors is Curious Gorge, attributed to the People’s Liberation Army Strategic Support Force of China’s People’s Liberation Army, which has already attacked government, military, logistics, and manufacturing organizations in Ukraine, Russia, and Central Asia.
A China-linked, government-backed hacking group known as Mustang Panda (also known as Bronze President) may have attacked Russian government officials with a Trojan called PlugX.
Other groups involved include Turla (also known as Venomous Bear), COLDRIVER (also known as Calisto), and a Belarusian hacker group called Ghostwrite.