Cyber Attack Credential Harvesting News

Russian Hackers Disrupted After Targeting Europe and Ukraine with Malware and Phishing

The Russian GRU-backed APT28 group, also known as BlueDelta, has been targeting European networks, particularly in Ukraine, with the HeadLace malware and credential-harvesting web pages. The campaigns, running from April to December 2023, utilized spear-phishing emails and sophisticated multi-stage infection sequences. BlueDelta's operations aimed to gather intelligence on military-related entities, employing various techniques including geofencing, legitimate internet services, and compromised Ubiquiti routers. The group's activities reflect a broader strategy to influence military tactics and regional policies amidst ongoing aggression against Ukraine.