• chevron_right

      Hackers with Conti cybercrime group are repurposing tools for attacks on Ukraine

      news.movim.eu / ArsTechnica · Wednesday, 7 September, 2022 - 23:30

    Hackers with Conti cybercrime group are repurposing tools for attacks on Ukraine

    Enlarge (credit: Getty Images)

    Financially motivated hackers with ties to a notorious Conti cybercrime group are repurposing their resources for use against targets in Ukraine, indicating that the threat actor's activities closely align with the Kremlin's invasion of its neighboring country, a Google researcher reported on Wednesday .

    Since April, a group researchers track as UAC-0098 has carried out a series of attacks that has targeted hotels, non-governmental organizations, and other targets in Ukraine, CERT UA has reported in the past . Some of UAC-0098's members are former Conti members who are now using their sophisticated techniques to target Ukraine as it continues to ward off Russia's invasion, Pierre-Marc Bureau, a researcher in Google's Threat Analysis said.

    An unprecedented shift

    "The attacker has recently shifted their focus to targeting Ukrainian organizations, the Ukrainian government, and European humanitarian and non-profit organizations," Bureau wrote. "TAG assesses UAC-0098 acted as an initial access broker for various ransomware groups including Quantum and Conti, a Russian cybercrime gang known as FIN12 / WIZARD SPIDER."

    Read 5 remaining paragraphs | Comments