Russian Hackers Plan to Target Businesses and Organizations Amid Ukraine Invasion, Google Says


Google's Threat Analysis Group (TAG) announced that several notorious hacking groups from Russia, China, Iran, and North Korea are taking advantage of Russia's war in Ukraine to carry out cyberattacks and entice victims worldwide.

The hacking groups are said to use different themes related to the war to steal login credentials, personal information, and money from their victims.

Google Warns of Hacking Groups

According to ZDNET, the Threat Analysis Group released a list of the currently active hacking groups that businesses and individuals need to look out for. One of them is Coldriver, also known as Calisto, which is based in Russia.

Forbes reported that Coldriver's targets have included organizations based in the United States, the militaries of several European countries, a defense contractor based in Ukraine, and a NATO Center of Excellence.

The hacking group creates new Gmail accounts to send phishing emails to its victims. The links in those emails redirect victims to a website that gathers their credentials.

Google's TAG also named the cyber-threat group Ghostwriter, which is based in Belarus. The group is known to simulate a browser to spoof domains and exploit them to host websites made to steal the login credentials of its victims.

Once the victim enters their username and password, the details are sent to a domain controlled by Ghostwriter, where they are stored and can be used to conduct attacks.

The third group revealed by Google's TAG is Curious Gorge, a hacking group connected to China's Liberation Army. This group uses the situation in Ukraine to lure victims and conducts campaigns against government and military organizations in Ukraine, Russia, Mongolia, and Kazakhstan.

TAG also noted that one cyber-criminal operation impersonates military personnel and demands payments in exchange for rescuing people stuck in Ukraine.

Billy Leonard, a security engineer at Google's Threat Analysis Group, said that the group would continue to raise awareness of cybercrime issues to protect businesses and individuals. The group is also working on preventing such attacks in the future.

Google revealed the names of these notorious hacking groups after Lapsus$, a group consisting of teen cybercriminals, attacked the security firm Okta.

Lapsus$ admitted to being the group behind the data breaches suffered by massive tech companies such as Microsoft, Nvidia, and Samsung.

On Mar. 30, TechTimes reported that Lapsus$ stole 70GB of data from Globant, an international software development firm headquartered in Luxembourg and a partner of Apple Health.

In 2021, Google discovered a North Korean APT hacking group.

In the same year, Google and Microsoft pledged $30 billion to cybersecurity.


This article is owned by Tech Times

Written by Sophie Webster
