CyberSecurityBoard
Sponsor Register Login

Russian spy groups Turla, Gamaredon target Ukraine

Russian state-sponsored cyber espionage groups Turla and Gamaredon have intensified their cyber operations targeting Ukraine amid ongoing geopolitical tensions. These advanced persistent threat (APT) groups are known for their sophisticated tactics, techniques, and procedures (TTPs) aimed at gathering intelligence and disrupting Ukrainian governmental and military communications. Turla, also known as Snake or Uroburos, is notorious for its stealthy malware and long-term infiltration capabilities, while Gamaredon focuses on spear-phishing campaigns and credential harvesting to gain access to sensitive networks. The cyberattacks involve the deployment of custom malware strains and exploitation of vulnerabilities to maintain persistence and exfiltrate data. This surge in cyber activity underscores the critical need for enhanced cybersecurity measures and international cooperation to defend against state-sponsored cyber threats. Organizations in Ukraine and allied nations are urged to implement robust detection and response strategies to mitigate the risks posed by these espionage campaigns. Continuous monitoring, threat intelligence sharing, and employee awareness training are vital components in countering these sophisticated cyber adversaries. The evolving tactics of Turla and Gamaredon highlight the dynamic nature of cyber warfare and the importance of proactive defense mechanisms in protecting national security interests.

This Cyber News was published on therecord.media. Publication date: Fri, 19 Sep 2025 16:20:24 +0000


Cyber News related to Russian spy groups Turla, Gamaredon target Ukraine

Latvia confirms phishing attack on Ministry of Defense, linking it to Russian hacking group - The Russian cyber-espionage group known as Gamaredon may have been behind a phishing attack on Latvia's Ministry of Defense last week, the ministry told The Record on Friday. Hackers sent malicious emails to several employees of the ministry, ...
2 years ago Therecord.media
Exclusive: Ukraine says joint mission with US derailed Moscow's cyberattacks - On a Wednesday afternoon in late September, the head of the cyber division of Ukraine's intelligence service, Illia Vitiuk, sat down to discuss something that Ukraine had previously kept close to the vest - specifically how much a joint hunt forward ...
2 years ago Therecord.media
Russian spy groups Turla, Gamaredon target Ukraine - Russian state-sponsored cyber espionage groups Turla and Gamaredon have intensified their cyber operations targeting Ukraine amid ongoing geopolitical tensions. These advanced persistent threat (APT) groups are known for their sophisticated tactics, ...
2 months ago Therecord.media Turla Gamaredon
Gamaredon Group Launches New Cyberattacks in 2023 - In early 2023, the Gamaredon group, a cybercrime group with ties to Russian government-backed attackers, struck again with new attacks targeting government agencies across Europe. The group has already been linked to numerous malware campaigns and ...
2 years ago Thehackernews.com Gamaredon Group
Gamaredon's LittleDrifter USB malware spreads beyond Ukraine - A recently discovered worm that researchers call LittleDrifter has been spreading over USB drives infecting systems in multiple countries as part of a campaign from the Gamaredon state-sponsored espionage group. Malware researchers saw indications of ...
2 years ago Bleepingcomputer.com
Russian Hacking Groups Gamaredon and Turla: Latest Threats and Tactics - Russian hacking groups Gamaredon and Turla have been identified as persistent threats targeting various sectors globally. These groups are known for their sophisticated cyber espionage campaigns, leveraging advanced malware and phishing techniques to ...
2 months ago Cybersecuritynews.com Gamaredon Turla
Palo Alto Reveals New Features in Russian APT Turla's Kazuar Backdoor - The latest version of the Kazuar backdoor could be more sophisticated than previously imagined, according to Palo Alto Networks. The Kazuar backdoor was used by the Russian hacking group Turla to target the Ukrainian defense sector in July 2023, the ...
2 years ago Infosecurity-magazine.com Turla
Variants of RussianSupported Gamaredons Malware Aimed at Ukrainian Government Agencies - The State Cyber Protection Centre of Ukraine has identified the Russian state-sponsored threat actor known as Gamaredon for its cyber attacks on public authorities and critical information infrastructure in the country. This advanced persistent ...
2 years ago Thehackernews.com Turla
Ukraine says Russia hacked web cameras to spy on targets in Kyiv - Ukraine's security officers said they took down two online surveillance cameras that were allegedly hacked by Russia to spy on air defense forces and critical infrastructure in Ukraine's capital, Kyiv. The cameras were installed on residential ...
1 year ago Therecord.media
Russian military hackers target NATO fast reaction corps - Russian APT28 military hackers used Microsoft Outlook zero-day exploits to target multiple European NATO member countries, including a NATO Rapid Deployable Corps. Researchers from Palo Alto Networks' Unit 42 have observed them exploiting the ...
1 year ago Bleepingcomputer.com CVE-2023-23397 Fancy Bear APT28
Who Is Behind Pro-Ukrainian Cyberattacks on Iran? - COMMENTARY. Ukrainian cyber forces have attacked Russian infrastructure and assets almost since the first day of the Russian invasion of Ukraine on Feb. 24, 2022. While its mainstay is denial-of-service attacks that have knocked out the Russian ...
1 year ago Darkreading.com
Russian hackers attack Western military mission using malicious drive - The Russian state-backed hacking group Gamaredon (aka “Shuckworm”) has been targeting a military mission of a Western country in Ukraine in attacks likely deployed from removable drives. Symantec threat researchers say the ...
7 months ago Bleepingcomputer.com
Who is the DOGE and X Technician Branden Spikes? – Krebs on Security - Branden Spikes California Russian Association Congress of Russian Americans Constellation of Humanity Cyberinc Department of Government Efficiency Diana Fishman Donald J. Prior to founding Spikes Security, Branden Spikes was married to a native ...
8 months ago Krebsonsecurity.com
Russian Groups Target Signal Messenger in Spy Campaign - But the tactics the threat actors are using in the campaign could well serve as a blueprint for other groups to follow in broader attacks on Signal, WhatsApp, Telegram, and other popular messaging apps, GTIG warned in a blog post this week. The other ...
9 months ago Darkreading.com Turla
Russian APT Turla Wields Novel Backdoor Malware Against Polish NGOs - Russia-sponsored advanced persistent threat group Turla is now targeting Polish NGOs in a cyberespionage campaign that uses a freshly developed backdoor with modular capabilities, signaling an expansion of the scope of its attacks against supporters ...
1 year ago Darkreading.com Turla
Ukrainian military says it hacked Russia's federal tax agency - The Ukrainian government's military intelligence service says it hacked the Russian Federal Taxation Service, wiping the agency's database and backup copies. Following this operation, carried out by cyber units within Ukraine's Defense Intelligence, ...
1 year ago Bleepingcomputer.com
Russian hackers wiped thousands of systems in KyivStar attack - The Russian hackers behind a December breach of Kyivstar, Ukraine's largest telecommunications service provider, have wiped almost all systems on the telecom operator's network. Following the incident, Kyivstar's mobile and data services went down, ...
1 year ago Bleepingcomputer.com
Russia Set to Ramp Up Attacks on Ukraine's Allies This Winter - Russia is set to ramp up cyber campaigns targeting Ukraine's allies as kinetic warfare slows this winter, according to a report by Cyjax. Researchers noted that Russia's missile production is struggling to keep pace with its tactical, operational and ...
1 year ago Infosecurity-magazine.com
Cyber Insights 2023: The Geopolitical Effect - The result is more than a dozen features on subjects ranging from AI, quantum encryption, and attack surface management to venture capital, regulations, and criminal gangs. The Russia/Ukraine war that started in early 2022 has been mirrored by a ...
2 years ago Securityweek.com
Ukraine-Russia Cyber Battles Have Real-World Impact - "The evolution of cyberattacks and malware, particularly those that have an intersection with the use of generative AI, have lowered the barrier for entry for threat actors, leading to more threats and a greater volume of attacks," he says. ...
1 year ago Darkreading.com
Ukraine security services involved in hack of Russia's largest private bank - Ukrainian hackers collaborated with the country's security services, the SBU, to breach Russia's largest private bank, a source within the department confirmed to Recorded Future News. Last week, two groups of pro-Ukrainian hackers, KibOrg and NLB, ...
2 years ago Therecord.media
Ukrainian hackers disrupt internet providers in Russia-occupied territories - Ukrainian hackers have temporarily disabled internet services in parts of the country's territories that have been occupied by Russia. The group of cyber activists known as the IT Army said on Telegram that their distributed denial-of-service attack ...
2 years ago Therecord.media
FSB arrests Russian hackers working for Ukrainian cyber forces - The Russian Federal Security Service arrested two individuals believed to have helped Ukrainian forces carry out cyberattacks to disrupt Russian critical infrastructure targets. Both suspects were taken into custody one same day in two different ...
2 years ago Bleepingcomputer.com
Monthly Overview of Global Threats Involving IronNet - At the beginning of each month, we will be releasing blogs that analyze the intersection of geopolitical activity and cyber operations. We will be focusing on the strategies and motivations of Russia, China, Iran, and North Korea that could be a ...
2 years ago Ironnet.com
Ukraine Military Targeted With Russian APT PowerShell Attack - A sophisticated Russian advanced persistent threat has launched a targeted PowerShell attack campaign against the Ukrainian military. The attack is most likely perpetrated by malicious threat actors related to Shuckworm, a group with a history of ...
1 year ago Darkreading.com

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)