Russia’s Two-Year War with Ukraine Includes Cyber Warfare and Misinformation Components
Researchers in cybersecurity have discovered a new Russian disinformation campaign. The target: Ukraine. The campaign is utilizing spam emails for spreading false information related to war.
What’s Happening & Why This Matters
The involvement of the Russian-linked threat group, which aimed to obtain Microsoft login credentials by setting up fake web pages, was found by the Slovak cybersecurity firm ESET. In addition, a spear-phishing attack on a defense company in Ukraine and a European Union agency were identified in association with this operation in October and November 2023, respectively. Referred to as Operation Texonto, the campaign was composed of two waves of disinformation in November and December. PDF attachments accompanied the emails, discussing heating interruptions, drug shortages, and food shortages.
The first wave specifically targeted numerous recipients in Ukraine, including the government and energy companies. The source of the email is a domain disguised as the Ministry of Agrarian Policy and Food of Ukraine, with contents pertaining to drug shortages and misused logos of the Ministry of Health of Ukraine. In the second wave, which began on December 25, the targeting expanded to Ukrainian speakers in other European countries, with emails suggesting self-harm to avoid military deployment.
t/f Summary: More Attacks To Come?
ESET noticed that one of the domains used to send phishing emails in December, infonotification[.]com, started sending out hundreds of spam messages in January redirecting recipients to a bogus Canadian pharmacy website, indicating a weird shift in tactics towards financial exploitation.
This development took place while Meta found and took down coordinated inauthentic behavior networks originating from China, Myanmar, and Ukraine. It also reported a decline in engagement with Russian state-controlled media content on social media.