Russian APT Deploys New 'Kapeka' Backdoor in Eastern European Attacks

By: Newsroom — April 17^th 2024 at 13:32

A previously undocumented "flexible" backdoor called Kapeka has been "sporadically" observed in cyber attacks targeting Eastern Europe, including Estonia and Ukraine, since at least mid-2022. The findings come from Finnish cybersecurity firm WithSecure, which attributed the malware to the Russia-linked advanced persistent threat (APT) group tracked as Sandworm (aka APT44 or

News ≈ Packet Storm

Threat Actors Quick To Abuse SSH-Snake Worm-Like Tool

— February 22^nd 2024 at 14:58

WIRED

Hacker Group Linked to Russian Military Claims Credit for Cyberattack on Kyivstar

By: Andy Greenberg — December 13^th 2023 at 15:56

A hacker group calling itself Solntsepek—previously linked to Russia’s notorious Sandworm hackers—says it carried out a disruptive breach of Kyivstar, a major Ukrainian mobile and internet provider.

The Hacker News

Russian Cyber Espionage Group Deploys LitterDrifter USB Worm in Targeted Attacks

By: Newsroom — November 18^th 2023 at 06:32

Russian cyber espionage actors affiliated with the Federal Security Service (FSB) have been observed using a USB propagating worm called LitterDrifter in attacks targeting Ukrainian entities. Check Point, which detailed Gamaredon's (aka Aqua Blizzard, Iron Tilden, Primitive Bear, Shuckworm, and Winterflounder) latest tactics, branded the group as engaging in large-scale campaigns that are

The Hacker News

Russian Hackers Linked to 'Largest Ever Cyber Attack' on Danish Critical Infrastructure

By: Newsroom — November 16^th 2023 at 06:06

Russian threat actors have been possibly linked to what's been described as the "largest cyber attack against Danish critical infrastructure," in which 22 companies associated with the operation of the country's energy sector were targeted in May 2023. "22 simultaneous, successful cyberattacks against Danish critical infrastructure are not commonplace," Denmark's SektorCERT said [PDF]. "The

The Hacker News

Russian Hackers Sandworm Cause Power Outage in Ukraine Amidst Missile Strikes

By: Newsroom — November 10^th 2023 at 12:22

The notorious Russian hackers known as Sandworm targeted an electrical substation in Ukraine last year, causing a brief power outage in October 2022. The findings come from Google's Mandiant, which described the hack as a "multi-event cyber attack" leveraging a novel technique for impacting industrial control systems (ICS). "The actor first used OT-level living-off-the-land (LotL) techniques to

The Hacker News

Inside the Code of a New XWorm Variant

By: The Hacker News — September 19^th 2023 at 11:32

XWorm is a relatively new representative of the remote access trojan cohort that has already earned its spot among the most persistent threats across the globe. Since 2022, when it was first observed by researchers, it has undergone a number of major updates that have significantly enhanced its functionality and solidified its staying power. The analyst team at ANY.RUN came across the newest

Naked Security