State-sponsored Belarusian hackers targeted the Ministry of Defense of Ukraine and a military base in a new cyber espionage operation, researchers have stated.
This information comes from The record media.
They attributed the attacks to the threat group Ghostwriter, associated with Belarus, known for its attacks on Ukraine, Lithuania, Latvia, and Poland.
During the latest campaign observed in April by researchers from the cybersecurity company Cyble, hackers sent phishing emails to their victims with attachments containing drone image files and a malicious Microsoft Excel spreadsheet.
Researchers claimed to have identified potential victims based on the content of the bait documents.
Cyble researchers stated that Ghostwriter is consistently focused on Ukraine and continuously updates its methods to avoid detection. In recent campaigns, the group's main motivation was likely information theft and gaining remote access to infected systems.
Also on Tuesday, the Ukrainian Computer Emergency Response Team (CERT-UA) warned of cyberattacks on Ukrainian military personnel and defense services using the DarkCrystal malware, which could allow perpetrators to gain remote access to the victim's device.
