Suspected Russian state-sponsored cyberespionage group targets Ukrainian officials

In early 2021, the Russian government-linked cyberespionage group Gamaredon engaged in a spear-phishing operation targeting Ukrainian government officials, according to CyberScoop. Ukraine’s main security services, the SBU, has accused Gamaredon-linked hackers of working on behalf of Russia’s Federal Security Service, or FSB. According to the cybersecurity firm Anomali, which exposed the operation targeting Ukrainian officials, the hacking group sent emails posing as trusted contacts and distributed malware through deceptive .docx attachments. The documents centered on current political and security affairs and were likely private and legitimate files illicitly obtained and weaponized by the hacking group. Anomali was unable to determine the ultimate objective of the group’s campaign.

About This Incident

Threat Actors: Russia

Incident Metadata

Date: Jan 2021
Country: Ukraine