Skip to the main content.
Talk to sales Start for free
Talk to sales Start for free

1 min read

Russia-linked Vermin hackers resume operations, target Ukrainian military

Russia-linked Vermin hackers resume operations, target Ukrainian military

Following a two-year hiatus, the pro-Russian hacker group Vermin has reemerged, launching a new espionage campaign targeting Ukraine’s military, according to a new report.

 

What happened

Vermin, allegedly acting on behalf of the Kremlin and controlled by the unrecognized Luhansk People’s Republic (LPR) located in eastern Ukraine, deployed sophisticated malware and legitimate software in a targeted cyber espionage operation against Ukraine’s military. The group aimed to steal sensitive information, including screenshots, authentication data from messaging apps, and browsing histories, from Ukrainian military devices using tools like Spectr malware and SyncThing.

 

The backstory

In March 2022, CERT-UA warned of Vermin's use of Spectr malware to target Ukrainian government infrastructure. On June 4, 2024, Cybersecurity firm Cyble revealed that Ukraine’s Ministry of Defence and a military base were targeted in attacks orchestrated by Belarusian state-sponsored hackers identified as Ghostwriter.

 

What was said

According to cybersecurity experts and Ukraine's CERT-UA: "In their latest campaign, Vermin used sophisticated tactics, including phishing emails and advanced malware, to compromise Ukrainian military systems."

 

In the know

Electronic espionage tactics, like those used by Vermin, stress ongoing cybersecurity challenges amid geopolitical tensions in Eastern Europe. Understanding the methods and tools of such groups helps effectively strengthen cyber defenses.

 

Why it matters

This resurgence shows the persistent threat of cyber warfare and espionage targeting national defense and security infrastructures. That requires enhanced cybersecurity measures and international cooperation to mitigate such threats. 

 

FAQs

What are state-sponsored cyber attacks?

State-sponsored cyber attacks are malicious activities orchestrated or supported by governments or state entities to infiltrate, disrupt, or obtain sensitive information from targeted entities, such as governments, organizations, or individuals.

 

How can organizations defend against state-sponsored cyber attacks?

Organizations can defend against state-sponsored cyber attacks by implementing cybersecurity measures, such as regular security assessments, employee training on phishing and other cyber threats, multi-factor authentication, and keeping software and systems up to date with the latest patches.

 

Why is the importance of cybersecurity in healthcare?

Cybersecurity in healthcare protects sensitive patient information, maintains the integrity of medical records, ensures uninterrupted healthcare services, and safeguards against ransomware attacks that can disrupt patient care and compromise patient safety.

Read more: Unpacking the benefits of cybersecurity in healthcare

Subscribe to Paubox Weekly

Every Friday we'll bring you the most important news from Paubox. Our aim is to make you smarter, faster.