Hackers from Russia Utilizing Graphiron Malware to Obtain Information from Ukraine

Symantec, the Broadcom-owned security firm, has discovered a new malware program called Graphiron. It is believed to be the work of a Russian-linked espionage group known as Nodaria, which is tracked by the Computer Emergency Response Team of Ukraine (CERT-UA). Graphiron is written in the Go programming language and is designed to steal a variety of information from infected computers, including system information, credentials, screenshots, and files.

Nodaria has been active since at least April 2021 and has been using SaintBot and OutSteel malware in spear-phishing attacks against government entities since January 2022. The group has also deployed custom backdoors such as GraphSteel and GrimPlant in various campaigns since the Russian military invasion of Ukraine.

Graphiron is an improved version of GraphSteel and is capable of running shell commands and harvesting system information, files, credentials, screenshots, and SSH keys. It uses Go version 1.18, which was released in March 2022, suggesting that it is a more recent development. The infection chain involves a downloader that retrieves an encrypted payload containing the Graphiron malware from a remote server. According to Symantec, Nodaria is now one of the key players in Russia's ongoing cyber campaigns against Ukraine.

This Cyber News was published on thehackernews.com. Publication date: Wed, 08 Feb 2023 15:02:02 +0000


Cyber News related to Hackers from Russia Utilizing Graphiron Malware to Obtain Information from Ukraine

Exclusive: Ukraine says joint mission with US derailed Moscow's cyberattacks - On a Wednesday afternoon in late September, the head of the cyber division of Ukraine's intelligence service, Illia Vitiuk, sat down to discuss something that Ukraine had previously kept close to the vest - specifically how much a joint hunt forward ...
10 months ago Therecord.media
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
1 year ago Securityweek.com
Hackers from Russia Utilizing a Fresh Graphiron Data Thief in Ukraine - Nodaria, a Russian hacking group, has been using a new type of malware called Graphiron to steal data from Ukrainian organizations. Graphiron is a Go-based malware that is capable of harvesting a wide range of information, including account ...
1 year ago Bleepingcomputer.com
Ukraine security services involved in hack of Russia's largest private bank - Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, ...
10 months ago Therecord.media
Russia Set to Ramp Up Attacks on Ukraine's Allies This Winter - Russia is set to ramp up cyber campaigns targeting Ukraine's allies as kinetic warfare slows this winter, according to a report by Cyjax. Researchers noted that Russia's missile production is struggling to keep pace with its tactical, operational and ...
9 months ago Infosecurity-magazine.com
Ukrainian hackers disrupt internet providers in Russia-occupied territories - Ukrainian hackers have temporarily disabled internet services in parts of the country's territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service attack ...
10 months ago Therecord.media
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
9 months ago Bleepingcomputer.com
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
4 months ago Securityweek.com
NATO Draws a Cyber Red Line in Tensions With Russia - There has long been a military red line that NATO says Russia must not cross. Germany took a very strong diplomatic position, summoning Russia's representative, and then recalling its own Russian ambassador for talks. This is clearly a strong and ...
4 months ago Packetstormsecurity.com
Ukraine says Russia hacked web cameras to spy on targets in Kyiv - Ukraine's security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine's capital, Kyiv. The cameras were installed on residential ...
9 months ago Therecord.media
Monthly Overview of Global Threats Involving IronNet - At the beginning of each month, we will be releasing blogs that analyze the intersection of geopolitical activity and cyber operations. We will be focusing on the strategies and motivations of Russia, China, Iran, and North Korea that could be a ...
1 year ago Ironnet.com
Russian hackers wiped thousands of systems in KyivStar attack - The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped almost all systems on the telecom operator's network. Following the incident, Kyivstar's mobile and data services went down, ...
9 months ago Bleepingcomputer.com
EU Formalizes Cybersecurity Support For Ukraine - The EU has cemented ties with Ukraine on cybersecurity cooperation, with a new formal agreement designed to improve information sharing and capacity building. Announced today, the agreement formalizes discussions begun in Warsaw during the EU-Ukraine ...
10 months ago Infosecurity-magazine.com
Ukraine says it hacked Russian aviation agency, leaks data - Ukraine's intelligence service, operating under the Defense Ministry, claims they hacked Russia's Federal Air Transport Agency, 'Rosaviatsia,' to expose a purported collapse of Russia's aviation sector. Rosaviatsia is the agency responsible for ...
10 months ago Bleepingcomputer.com
New Report Uncovers NikoWiper Malware Used to Attack Ukraine Energy Sector - The Russia-affiliated Sandworm used yet another wiper malware strain dubbed NikoWiper as part of an attack that took place in October 2022 targeting an energy sector company in Ukraine. The NikoWiper is based on SDelete, a command line utility from ...
1 year ago Thehackernews.com
Variants of Russian-Supported Gamaredon's Malware Aimed at Ukrainian Government Agencies - The State Cyber Protection Centre of Ukraine has identified the Russian state-sponsored threat actor known as Gamaredon for its cyber attacks on public authorities and critical information infrastructure in the country. This advanced persistent ...
1 year ago Thehackernews.com
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
10 months ago Bleepingcomputer.com
How to Remove Malware + Viruses - Malware removal can seem daunting after your device is infected with a virus, but with a careful and rapid response, removing a virus or malware program can be easier than you think. We created a guide that explains exactly how to rid your Mac or PC ...
5 months ago Pandasecurity.com
Types of Malware and How To Prevent Them - Malware is one of the biggest security threats to any type of technological device, and each type of malware uses unique tactics for successful invasions. Even if you've downloaded a VPN for internet browsing, our in-depth guide discusses the 14 ...
3 months ago Pandasecurity.com
Stemming the Tide: Solving the Challenge of Password Reuse and Password-Stealing Malware - Password stealing malware is again rising with several attacks making the news cycle in recent months. A new password-stealing malware named Ov3r Stealer was discovered on Facebook Ads, spreading by way of fake job opportunities. Further analysis ...
4 months ago Cybersecurity-insiders.com
