The Russian state-sponsored threat group Sandworm allegedly failed in a cyberattack against Ukraine, whose security services claim to have thwarted the attackers’ attempts.
Based on reports, the Ukrainian security services prevented the Russian cybercriminal group’s attack, which used seven variants of new custom malware against the country’s military networks.
Sandworm has been one of the primary culprits behind numerous attacks against Ukraine’s organisations and affiliates since the start of Russia’s invasion.
The pro-Russian hacking group, Sandworm, has been a constant attacker of Ukraine since the geopolitical conflict between the two nations started. The group has relentlessly utilised various malware strains that primarily aim to disrupt the target’s critical networks.
However, the Ukrainian-owned cybersecurity agency stated that the hacking group’s most recent attack targeted military information, including locations, operations, equipment, and manoeuvres.
Other reports also said the Russian hackers initially planned to acquire Android tablets that the Ukrainian military uses to design and operate combat missions in the warzone. Additionally, the Sandworm group allegedly wanted to access other linked devices and compromise them with malware via the stolen tablets.
The Ukrainian security services explained that the Russian hackers prepared thoroughly to execute their plans. Sandworm operators allegedly generated about seven novel information-stealing malware strains that could infect Android devices, including NETD to run internal intelligence, DROPBEAR and TOR to acquire remote access, and DEBLINK to steal data.
The actors have also gone as far as creating a malware strain that infects devices connected to Starlink satellite internet, since most of the Ukrainian military depends on satellite internet. Starlink has been a crucial tool for Ukraine’s soldiers, as it has helped them send encrypted messages to their headquarters or link to drones that survey the enemy forces.
Cybersecurity experts explained that pro-Russian hackers will keep making different attempts to compromise Ukrainian entities as the geopolitical conflict continues. The main objective of these Russian adversaries is to harvest data from the ground, sea, air, space, and cyberspace that aids Ukraine in resisting Russia’s mission.