News updated: One of the Kremlin’s hacking groups targeting Ukraine tried to hack a petroleum refining company located in a NATO country.
It’s a sign that the hacking group is expanding its intelligence knowledge after Russia’s invasion.
Researchers with Palo Alto Networks’ Unit 42 stated the attempted hacking happened on August 30, but it was unsuccessful.
The hacking groups operated under various names: Gamaredon, Trident Ursa, Shuckworm, Primitive Bear, and UAC-0010.
Unit 42 has mapped more than 200 samples the hacking group has left behind to infect targets with information-stealing malware.
Previously, they mostly used emails in the Ukrainian language, but some samples show they have begun using English.
Tuesday’s report didn’t name the targeted country or petroleum company name where the facility was located.
However, Western-aligned officials have warned that Russia has targeted energy companies in countries opposing the Russia-Ukraine war.
National Security Agency Cyber Director Rob Joyce also said his concern about the serious cyberattacks from Russia, particularly on the global energy sector.
It’s understandable since there is increasing pressure on Russia as the war progresses, so they try different strategies, including hacking activity.
Russia has released at least seven pieces of wiper malware dedicated to destroying data permanently.
For instance, one of that malware took out thousands of satellite modems used by Viasat customers.