06.05.2022

The 6th of May, Cyber News

UKRAINE

Zaporozhye site 061.ua has received new threats from russia

On May 3, the editorial office of Zaporizhia's 061.ua received another poetic letter with threats from the Russian Federation. This was reported by IMI representatives in the Zaporizhia region. The threats came from a mail.ru address, from the sender «Irina Chukarova». The letter threatens criminal liability: «The russian army is a liberator, they are conducting an operation to save lives. And you, propagandists-distributors, cannot avoid criminal responsibility!». Earlier, the editorial staff of the 061.ua website had already received similar threats on March 25, March 26 and March 28, April 3, 4, April 7–11, April 17 and April 25 [1].

 

russia

Successes of IT ARMY of Ukraine

IT ARMY of Ukraine continues its DDoS of the EGAIS system. Due to the attacks, russian manufacturers still had to shut down some plants. russia has already stopped brewing beer [2], [3].


New «leakage» from NB65

On May 5, a group of NB65 hackers released 482.5 GB of data from CorpMSP, a federal agency that supports small and medium-sized businesses. The controlling shareholder of CorpMSP is the russian Federation. According to NB65, CorpMSP is also allegedly used as a front company for digital spies and maintains contracts with the Department of Defense [4].

 

WORLD

Experts Uncover New Espionage Attacks by Chinese «Mustang Panda» Hackers

The China-based threat actor known as Mustang Panda has been observed refining and retooling its tactics and malware to strike entities located in Asia, the European Union, Russia, and the U.S. «Mustang Panda is a highly motivated APT group relying primarily on the use of topical lures and social engineering to trick victims into infecting themselves,» Cisco Talos said in a new report detailing the group’s evolving modus operandi. The group is known to have targeted a wide range of organizations since at least 2012, with the actor primarily relying on email-based social engineering to gain initial access to drop PlugX, a backdoor predominantly deployed for long-term access. Phishing messages attributed to the campaign contain malicious lures masquerading as official European Union reports on the ongoing conflict in Ukraine or Ukrainian government reports, both of which download malware onto compromised machines. Also observed are phishing messages tailored to target various entities in the U.S. and several Asian countries like Myanmar, Hong Kong, Japan, and Taiwan [5].
