Cyber Security
Ukraine says local govt sites hacked to push fake capitulation news
The Security Service of Ukraine (SSU) said today “enemy” hackers are using compromised local government and regional authorities’ websites to push rumors that Ukraine surrendered and signed a peace treaty with Russia.
SSU revealed this in a tweet further distributed by Ukraine’s State Service for Special Communication and Information Protection (SSSCIP) to Ukrainian Twitter users.
“WARNING! ANOTHER FAKE! The enemy has broken into some sites of regional authorities and local governments and spreads through them lies about the alleged ‘capitulation and signing of a peace treaty with Russia’,” the SSU said, as Reuters first reported.
The Ukrainian Parliament also issued a similar alert, saying the Public Broadcaster News in Kherson was taken over with plans to spread disinformation about Ukraine surrendering and “signing of the peace treaty with the Russian Federation.”
SSU warned Tuesday that Russia’s Main Directorate of the General Staff of the Armed Forces (also known as GRU) is using Telegram channels to disseminate fake information.
Ukraine also targeted by phishing, malware attacks
Since Russia’s invasion, Ukrainian networks and organizations have been under a constant barrage of cyberattacks.
The Computer Emergency Response Team of Ukraine (CERT-UA) and Facebook warned of phishing campaigns against Ukrainian officials and military personnel.
Both attributed these campaigns to a hacking group tracked as UNC1151 or Ghostwriter and linked with high confidence by Mandiant researchers to the Belarusian government.
On Wednesday, cybersecurity firm Proofpoint said it spotted spear-phishing attacks targeting European government personnel aiding Ukrainian refugees. This campaign aligns and is likely related to July 2021 phishing attacks also to the Ghostwriter hacking group.
Ukrainian officials are not the only ones targeted in such attacks, as SSSCIP revealed one day after the start of the war, saying that a separate series of phishing attacks also began targeting Ukrainians with malicious documents.
These warnings come on the heels of malware attacks using ransomware decoys and destructive HermeticWiper and WhisperGate wiper malware aiming to destroy data on targets’ devices and render them unbootable.
Ukraine’s Vice Prime Minister Mykhailo Fedorov also announced over the weekend the creation of an “IT army” that would help the country “fight on the cyber front.”