
The Examination of the Seized Equipment of the Lurk Group did not Reveal the Fact of an Attack on the US Government

 

A law enforcement source said that the examination of the equipment seized from the members of the Lurk hacker group did not reveal traces of attacks on the servers of the American government. During the court session, hacker Konstantin Kozlovsky, who is being held as one of the defendants in the case of the Lurk hacker group, declared his involvement in hacking the servers of the Democratic Party of the USA, as well as in hacking Hillary Clinton's mail. 

However, the examination showed that this is not the case. "The examination was carried out by the security forces together with the leading companies in the field of information security in Russia; all seized equipment, media and communications were checked. No evidence of attacks on the U.S. government was found. Also, the group members did not discuss it in the seized correspondence," the source said.

He added that the investigation did not establish a connection between Kozlovsky and any FSB officers. "If you follow his statements, they always follow the high-profile hacking topics in the media, to which he is trying to link his criminal case: first it was Russian interference in the US elections, then, when information about the arrest of employees of the FSB Information Security Center appeared in the media, he also mentioned it. 

Even in the list of those involved in the attack on American information resources, published by the US Department of Justice, there is neither Kozlovsky himself nor other members of the Lurk group," the source explained. 

The detention of a group of Lurk hackers became known on June 1, 2016. There are 22 people in the dock. According to investigators, the participants of the hacker group stole 1 billion 264 million rubles (16.7 million dollars) from commercial companies and banks. 

They also hacked the network of Yekaterinburg's Koltsovo airport and copied information from its servers. It should be noted that Kozlovsky is not the first to claim the role of the hacker of the Democratic Party's servers. Previously, a hacker with the nickname Guccifer 2.0 took responsibility for the hack. The user called himself a Romanian hacker, but spoke Romanian with machine translation errors.

Microsoft: Russian FSB Hackers Compromising Ukraine Since October

 

Microsoft recently reported that Gamaredon, a group of cybercriminals controlled by Russian intelligence, has been targeting various organizations in Ukraine, including a western government entity.

The group is behind a streak of spear-phishing emails attacking Ukrainian entities since October 2021. Linked by Ukraine's security (SSU) and secret (SBU) services to Russia's Federal Security Service (FSB), the country's domestic intelligence service, this cybercriminal group is also known as Armageddon, ACTINIUM, and Primitive Bear. 

According to the report, in recent months, military advisers and cyber threat experts from the United States and other allies have been sent to Ukraine to help defend against Russian forces, now massed on the neighboring country's borders.

In a report issued on Friday, Microsoft Corp (MSFT.O) said the group has sought to obtain private data from various departments of government entities, the military, and non-governmental organizations in Ukraine since last October. The report includes a screenshot of one such attempt: an email with embedded malicious links, impersonating an official notification from the World Health Organization (WHO) on the COVID-19 pandemic.

"MSTIC has observed ACTINIUM targeting organizations in Ukraine spanning government, military, non-government organizations (NGO), judiciary, law enforcement, and non-profit, with the primary intent of exfiltrating sensitive information, maintaining access, and using acquired access to move laterally into related organizations," Microsoft added. 

"Since October 2021, ACTINIUM has targeted or compromised accounts at organizations critical to emergency response and ensuring the security of Ukrainian territory, as well as organizations that would be involved in coordinating the distribution of international and humanitarian aid to Ukraine in a crisis." 

In November, Ukrainian security services publicly attributed Gamaredon to a team of Russian Federal Security Service intelligence officers from Crimea. The Russian Embassy in Washington did not immediately respond on the matter.

“They were officers of the ‘Crimean’ FSB, as well as traitors who sided with the enemy during the occupation of the peninsula in 2014,” Ukraine's security service said in a November news release, publicizing leaked audio of the hackers.