About past, present and future of Ukraine

Search mobile

Main War The Russian intelligence is using new spyware software

War

The Russian intelligence is using new spyware software

374
The Russian intelligence is using new spyware software

Share this article

Malicious software code developed by a group linked to Russian intelligence was discovered in Estonia. This computer program is also targeting Ukraine and other Eastern European countries, GD reports.

Russian intelligence continues to infiltrate European networks. On April 17 of this year, WithSecure reported the existence of new malicious software created by Russian intelligence. The new software is called "Kapeka." It is designed for covert access to target computers for the purpose of espionage or the installation of other malicious programs. There is a high probability that previous versions of this software were used for deploying ransomware programs.

"We noticed that this type of software is quite rare. In our research and in research by Microsoft teams, we observed similar scenarios with programs used by the Sandworm group, linked to Russian intelligence, for deploying ransomware programs in logistics companies in Poland, Ukraine," explains Mohammad Kazem Hassan Nejad, a researcher at WithSecure.

Why deploy ransomware programs, which are usually used by cybercriminals to paralyze systems and demand ransom?

"Sandworm is known for its destructive attacks. Instead of launching wiping programs, software programmed to destroy everything, hackers associated with intelligence cast doubt on their identity by using cybercriminal tools," comments a cybersecurity expert.

 

odessajournal 0

 

Sandworm is behind historic cyberattacks, such as attacks on the Ukrainian power grid, the Winter Olympics in South Korea, and espionage against the International Criminal Court.

Similar types of cyberattacks have been discovered in Ukraine. After deploying this software, information about the infected machine and its user is collected. It can also execute other programs and update its own functions, allowing hackers to initially infect a range of targets and release a more comprehensive version if the victim is deemed high-value.

According to the report, the development of "Kapeka" follows the ongoing war in Ukraine, "where victims have been discovered." Most likely, the software has already been used in destructive attacks, including attacks on companies in Central and Eastern Europe, which have been heavily targeted by Russian intelligence since the invasion of Ukraine in February 2022.

The Odessa Journal
more articles

Top article

The Ministry of Defense has signed a contract for the construction of a service center for repairing drones in Ukraine
War

The Ministry of Defense has signed a contract ...

Dmytro Kuleba: Ukraine and Croatia have agreed to use Croatian ports for exporting Ukrainian grain
Business

Dmytro Kuleba: Ukraine and Croatia have agree ...

New sanctions: Defence industry, political parties and individuals linked to oligarchs
Business

New sanctions: Defence industry, political pa ...

Volodymyr Zelensky: We are preparing for the next Ramstein meeting, we expect solidly grounded decisions to meet the prospects on the battlefield
War

Volodymyr Zelensky: We are preparing for the ...