Friday, March 29, 2024
HomeSECURITYAllegedly, the Russian group Winter Vivern attacks government organizations in different countries

Allegedly, the Russian group Winter Vivern attacks government organizations in different countries

-


Allegedly, the Russian group Winter Vivern attacks government organizations in different countries

SentinelOne experts described the cybercriminals as creative, discreet and reasonable.

According to analysis conducted by a cybersecurity company SentinelOne, a hacker group tracked under the name “Winter Vivern”, is very creative and always carefully chooses the targets for their attacks so as not to waste available resources in vain. The company’s report states that cybercriminals act in the interests of Russia and Belarus.

According to SentinelOne, the Winter Vivern group targets various government agencies and private enterprises, including telecommunications companies that support Ukraine. The list also includes Polish government agencies, the foreign ministries of Ukraine and Italy, as well as individuals in the government of India.

Analysts started tracking Winter Vivern in 2021. At first, the grouping did not differ in the special scale and significant damage of attacks, but then it greatly “increased momentum”. According to the researchers, the Winter Vivern hackers used fake websites and distributed malicious documents tailored to the specific needs of target organizations.

One of the strains of malware delivered by hackers is called “Aperetif”. It was hosted on compromised WordPress sites that are commonly used to spread malware. Aperetif reportedly allowed hackers to take screenshots of victims’ desktops, scan folders on the desktop for files with specified extensions, and upload them to a remote server.

SentinelOne has this to say about the Winter Vivern hackers: “Their ability to lure targets and target governments and critical private businesses demonstrate the level of sophistication and strategic intent in their operations.”

Russian hackers have recently been increasingly accused of malicious activities aimed at government agencies in different countries. Literally yesterday we wrote that similar conclusions were reached by threat analysts from Microsoft in their latest report. Any information of similar content should now be treated with a great deal of skepticism, because the level of anti-Russian propaganda is currently extremely high, especially abroad.



Source link

www.securitylab.ru

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular