The Security Service of Ukraine, in collaboration with the FBI, revealed a Russian intelligence operation targeting messaging accounts of officials and civilians. The attackers used fake support messages to coax victims into revealing sensitive credentials.
The Security Service of Ukraine (SSU) announced the discovery of a cyber espionage campaign orchestrated by Russian intelligence. It involved systematic attacks designed to breach the messaging credentials of government officials, military personnel, and activists across Ukraine, Europe, and the United States.
Attackers sent SMS messages that appeared to come from legitimate messaging platform support bots. These messages tricked users into providing their account credentials, thereby facilitating unauthorized access to sensitive information.
The SSU noted that the phishing campaign affected not only high-profile targets but also personal accounts of ordinary Ukrainian citizens. This broad range highlights the extensive nature of the threat.
While no specific hacking group was named, the campaign is reminiscent of previous attacks attributed to Russian threat actors such as Star Blizzard and UNC5792.
In light of these attacks, users are advised to regularly review their messaging app sessions, enable two-factor authentication, and avoid sharing personal or recovery information. Additionally, they should be cautious about unsolicited messages and links.
The FBI has linked this activity to a wider campaign targeting high-value individuals to extract sensitive data. Recently, the Computer Emergency Response Team of Ukraine (CERT-UA) reported similar phishing attacks attributed to Belarus-aligned actors, evidencing a coordinated effort to undermine security in the region.
This summary was generated by AI from the outlets' reporting listed below. It is not independently verified and may contain errors; check the original sources.