The Security Service of Ukraine (SSU) said today “enemy” hackers are using compromised local government and regional authorities’ websites to push rumors that Ukraine surrendered and signed a peace treaty with Russia.
SSU revealed this in a tweet further distributed by Ukraine’s State Service for Special Communication and Information Protection (SSSCIP) to Ukrainian Twitter users.
“WARNING! ANOTHER FAKE! The enemy has broken into some sites of regional authorities and local governments and spreads through them lies about the alleged ‘capitulation and signing of a peace treaty with Russia’,” the SSU said, as Reuters first reported.
The Ukrainian Parliament also issued a similar alert, saying the Public Broadcaster News in Kherson was taken over with plans to spread disinformation about Ukraine surrendering and “signing of the peace treaty with the Russian Federation.”
SSU warned Tuesday that Russia’s Main Directorate of the General Staff of the Armed Forces (also known as GRU) is using Telegram channels to disseminate fake information.
Ukraine also targeted by phishing, malware attacks
Since Russia’s invasion, Ukrainian networks and organizations have been under a constant barrage of cyberattacks.
Both attributed these campaigns to a hacking group tracked as UNC1151 or Ghostwriter and linked with high confidence by Mandiant researchers to the Belarusian government.
On Wednesday, cybersecurity firm Proofpoint said it spotted spear-phishing attacks targeting European government personnel aiding Ukrainian refugees. This campaign aligns and is likely related to July 2021 phishing attacks also to the Ghostwriter hacking group.
Ukrainian officials are not the only ones targeted in such attacks, as SSSCIP revealed one day after the start of the war, saying that a separate series of phishing attacks also began targeting Ukrainians with malicious documents.