New Threat Findings from Trellix on Ukraine

As the Russia-Ukraine war continues to unfold in cyberspace, Ukraine recently narrowly averted a serious cyber-attack on its power grid.

Following a 6-month investigation into the ongoing cyber war, Trellix today unveiled its latest findings, which showcase cyberattacks carried out in tandem with the Russian offensive to destabilize the Ukrainian government and infrastructure, including:

  • Ministry of Defense of Ukraine phishing attempts – actors impersonating the Ministry of Defense of Ukraine to steal login details and critical information from numerous government figures
  • Widespread wiper attacks – aggressive deployments of over 18 wipers to disrupt Ukrainian communication systems, in some cases specifically targeting networks with multiple attacks when one wiper failed to execute
  • Conti – whose announced allegiance to Russia created an internal schism, leading members to leak internal chat data revealing that Conti is organized and operates as a regular multi-million-dollar enterprise with HR, training departments, a call center, and teams of adverts, coders, testers, reversers, etc.

More information can be found here.