Ukraine's Coordination Headquarters for the Treatment of Prisoners of War had its website subjected to a distributed denial-of-service attack during the weekend, from which it has since recovered, reports The Record, a news site by cybersecurity firm Recorded Future.
The DDoS attack was linked to Russia, which may have launched it in retaliation for the crash of a Russian Il-76 aircraft carrying Ukrainian prisoners of war and Russian servicemen and crew members, a crash that Russia has been pinning on Ukraine. Ukraine has already sought an international probe into the incident, which Russia rejected.
"We are aware that the enemy is actively carrying out information operations directed against Ukraine, which are aimed at destabilizing Ukrainian society," the agency said.
The incident follows an advisory from Ukraine's National Cybersecurity Coordination Center warning about a phishing campaign targeting the Ukrainian military, deployed by Russian state-backed hacking operation APT28, also known as Fancy Bear.
"This trend might also be perpetuated by the wider availability and increased quality of AI tools that lack prompt filtering, which cybercriminals can use to quickly assemble and debug their code," said Europol.
FLUXROOT exploited Google Cloud container URLs to establish phishing pages distributing the Grandoreiro banking trojan, which proceeded to exfiltrate credentials from widely used LatAm online payments platform Mercado Pago.
Illicit cyber activities conducted by Chinese cybercrime syndicate Vigorish Viper involving a sophisticated technology suite have been supported by the group's illegal betting platforms advertised by sports teams, including European football clubs and Indian cricket and kabaddi teams.