Particle.news
Download on the App Store
15 ARTICLES
·
3mo ago

Russia’s GRU Unit 26165 Exposed in Ongoing Cyber Campaign Targeting Ukraine Aid

Eleven Western nations reveal a multi-year cyber-espionage operation aimed at disrupting logistics and technology providers supporting Ukraine's war effort.

This generic image from 2017 shows a computer exploited by computer hackers.
A computer keyboard lit by a displayed cyber code is seen in this illustration picture taken on March 1, 2017. REUTERS/Kacper Pempel/Illustration/File Photo
Image
Hackers broke into thousands of cameras to gain real-time visibility of transport routes in and out of Ukraine

Overview

  • A joint advisory from the US, UK, and nine other nations attributes a sustained cyber campaign to Russia’s GRU Unit 26165, also known as Fancy Bear or APT28.
  • The campaign, active since February 2022, targets organizations in defense, transport, maritime, air traffic, and IT sectors aiding Ukraine.
  • Hackers used tactics such as credential guessing, spear-phishing, and Microsoft Exchange exploits to infiltrate networks and monitor aid shipments.
  • Thousands of internet-connected cameras at Ukrainian border crossings and key locations were compromised to track aid movements.
  • Organizations are urged to implement multi-factor authentication, patch vulnerabilities, and enhance monitoring to mitigate ongoing threats.