Mar 13- Mar 19 Ukraine – Russia the silent cyber conflict

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective.

Below is the timeline of the events related to the previous weeks:

March 18 – China-linked threat actors are targeting the government of Ukraine

Google’s TAG team revealed that China-linked APT groups are targeting Ukraine ’s government for intelligence purposes.

March 18 – Russia-linked Cyclops Blink botnet targeting ASUS routers

The recently discovered Cyclops Blink botnet, which is believed to be a replacement for the VPNFilter botnet, is now targeting the ASUS routers.
March 18 – node-ipc NPM Package sabotage to protest Ukraine invasion

The developer behind the popular “node-ipc” NPM package uploaded a destructive version to protest Russia’s invasion of Ukraine.

March 17 – Anonymous continues to support Ukraine against Russia

The collective Anonymous and its affiliated groups continue to target the Russian government and private organizations.

March 17 – Ukraine SBU arrested a hacker who supported Russia during the invasion

The Security Service of Ukraine (SBU) announced the arrest of a “hacker” who helped Russian Army during the invasion.

March 16 – Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms

Russia’s disinformation uses deepfake video of Zelenskyy telling people to lay down arms

March 16 – Russia-linked threats actors exploited default MFA protocol and PrintNightmare bug to compromise NGO cloud

FBI and CISA warn Russia-linked threats actors gained access to an NGO cloud after enrolling their own device in the organization’s Duo MFA.

March 16 – Hacker breaches key Russian ministry in blink of an eye

In mere seconds, a hacker remotely accessed a computer belonging to a regional Russian Ministry of Health, taking advantage of sloppy cybersecurity practices to expose its entire network.

March 15 – The German BSI agency recommends replacing Kaspersky antivirus software

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software.

March 15 – CaddyWiper, a new data wiper hits Ukraine

Experts discovered a new wiper, tracked as CaddyWiper, that was employed in attacks targeting Ukrainian organizations.

March 14 – Ukraine is using Clearview AI’s facial recognition during the conflict

Ukraine’s defense ministry began using Clearview AI’s facial recognition technology to uncover Russian assailants, combat misinformation and identify the dead.

March 14 – Anonymous claims to have hacked German subsidiary of Russian energy giant Rosneft

Anonymous claims to have hacked the systems of the German subsidiary of Russian energy giant Rosneft and stole 20TB of data.

March 14 – Russia-Ukraine cyber conflict poses critical infrastructure at risk

While the Russia-Ukraine cyber conflict goes on, nation-state actors, crooks, and hacktivists continue to pose critical infrastructure at risk.

March 13 – Anonymous sent a message to Russians: “remove Putin”

Anonymous has published a new message for Russian citizens inviting them to remove Putin that is sacrificing them and killing Ukrainians.

https://securityaffairs.co/wordpress/128727/cyber-warfare-2/feb-27-mar-05-ukraine-russia-cyberwar.html

https://securityaffairs.co/wordpress/128478/cyber-warfare-2/russian-invasion-of-ukraine-timeline.html

https://securityaffairs.co/wordpress/128967/cyber-warfare-2/mar-06-mar-12-ukraine-russia-the-silent-cyber-conflict.html

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, Russia)

[adrotate banner=”5″]

[adrotate banner=”13″]