Russian Hackers Target Ukrainian Military Devices in Sophisticated Cyber Campaign

Microsoft reveals that Russian-linked group 'Secret Blizzard' exploited cybercriminal tools to attack Starlink-connected military devices in Ukraine.

Microsoft identified 'Secret Blizzard,' a hacking group tied to Russia's FSB, targeting Ukrainian military devices connected to Starlink satellite internet.
The group leveraged tools and infrastructure from other hacking entities, including the Amadey botnet and Storm-1837, to obscure their origins and complicate attribution.
Key malware used in the attacks included Tavdig, a reconnaissance backdoor, and KazuarV2, an advanced tool for long-term espionage and data exfiltration.
The campaign, conducted earlier in 2024, focused on gathering intelligence from high-value targets such as frontline military devices and drone operations.
Microsoft's findings highlight a broader strategy by 'Secret Blizzard' to co-opt third-party hacking tools and infrastructure for espionage since at least 2017.