
AI becomes Russia’s new cyber weapon in war against Ukraine


October 9, 2025Ravi LakshmananArtificial intelligence/malware

The use of artificial intelligence (AI) by Russian hackers in cyberattacks against Ukraine reached a new level in the first half of 2025 (H1 2025), the country’s State Special Communications and Information Protection Service (SSSCIP) has announced.

“Hackers are now using this to do more than just generate phishing messages. Some of the malware samples we analyzed showed clear signs of being generated by AI, and attackers definitely don’t intend to stop there,” the agency said in a report released Wednesday.

According to SSSCIP, 3,018 cyber incidents were recorded during the same period, up from 2,575 in the second half of 2024 (H2 2024). Compared to the second half of 2024, attacks against local governments and military organizations increased, while attacks targeting governments and the energy sector decreased.

One notable case was UAC-0219's use of malware called WRECKSTEEL in attacks against state government offices and critical infrastructure facilities in the country. There is evidence to suggest that this PowerShell data-stealing malware was developed using AI tools.


Some of the other campaigns registered against Ukraine are listed below.

  • A phishing campaign organized by UAC-0218 targeting the Armed Forces to distribute HOMESTEEL using booby-trapped RAR archives
  • A phishing campaign organized by UAC-0226 targeting organizations involved in the development of innovations in the defense industry sector, local governments, military units, and law enforcement agencies with the aim of distributing a stealer called GIFTEDCROOK
  • Phishing campaigns organized by UAC-0227 targeting local residents, authorities, critical infrastructure facilities, and Regional Recruitment and Social Support Centers (TRC and SSC)
  • A phishing campaign organized by UAC-0125, a subcluster associated with Sandworm, that sent email messages containing links to websites masquerading as ESET, delivering a C#-based backdoor named Kalambur (also known as SUMBUR) under the guise of a threat removal program

SSSCIP said Russian-linked APT28 (aka UAC-0001) attackers have been exploiting vulnerabilities in Roundcube (CVE-2023-43770, CVE-2024-37383, CVE-2025-49113) and Zimbra (CVE-2024-27443, CVE-2025-27915) webmail software to carry out zero-click attacks.

“When exploiting such vulnerabilities, an attacker typically injects malicious code through the Roundcube or Zimbra API to gain access to credentials, contact lists, and filters configured to forward all email to an attacker-controlled mailbox,” SSSCIP said.


“Another way to steal credentials using these vulnerabilities was to create a hidden HTML block (visibility: hidden) with login and password input fields with the attribute autocomplete="on" set. This allowed the fields to be autofilled with data stored in the browser, which was then exposed.”
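A defender can look for the pattern SSSCIP describes in stored or inbound HTML mail bodies. The following is an added example, not code from SSSCIP or from the original article: it flags login or password inputs nested inside an element hidden through an inline style or the `hidden` attribute. The names `scan_html` and `HiddenCredentialFieldFinder` and both sample bodies are hypothetical, and hiding applied through stylesheet classes is not covered.

```python
from html.parser import HTMLParser

VOID = {"area", "base", "br", "col", "embed", "hr", "img", "input",
        "link", "meta", "source", "track", "wbr"}
HIDING = ("visibility:hidden", "display:none")
AUTOFILL = {"on", "username", "email", "current-password"}

# Constructed samples, not taken from any real message.
SUSPICIOUS = ('<p>Report attached.</p><div style="visibility: hidden"><form>'
              '<input type="text" name="login" autocomplete="on">'
              '<input type="password" name="password" autocomplete="on">'
              '</form></div>')
BENIGN = ('<form><input type="text" name="q" autocomplete="on">'
          '<input type="hidden" name="csrf" value="x"></form>')


class HiddenCredentialFieldFinder(HTMLParser):
    """Collects login/password inputs that sit inside a hidden element."""

    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.stack = []     # (tag, hidden?) for every open element
        self.findings = []  # (input type, name, autocomplete value)

    def handle_starttag(self, tag, attrs):
        attrs = dict(attrs)
        style = (attrs.get("style") or "").lower().replace(" ", "")
        hidden = ("hidden" in attrs or any(h in style for h in HIDING)
                  or (bool(self.stack) and self.stack[-1][1]))
        if tag == "input" and hidden:
            kind = (attrs.get("type") or "text").lower()
            auto = (attrs.get("autocomplete") or "").lower()
            if kind == "password" or (kind in {"text", "email"} and auto in AUTOFILL):
                self.findings.append((kind, attrs.get("name"), auto))
        if tag not in VOID:
            self.stack.append((tag, hidden))

    def handle_endtag(self, tag):
        # Pop back to the matching open tag, tolerating unbalanced markup.
        for i in range(len(self.stack) - 1, -1, -1):
            if self.stack[i][0] == tag:
                del self.stack[i:]
                break


def scan_html(body):
    """Return the hidden credential fields found in one HTML body."""
    finder = HiddenCredentialFieldFinder()
    finder.feed(body)
    finder.close()
    return finder.findings
```

A non-empty result is a triage signal for the message, since legitimate mail rarely carries a password field at all, let alone one the reader cannot see.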

The agency also revealed that Russia continues to engage in hybrid warfare, synchronizing cyber operations with kinetic attacks on the battlefield, with the Sandworm (UAC-0002) group targeting organizations in the energy, defense, internet service provider, and research sectors.

Additionally, several threat groups targeting Ukraine are exploiting legitimate services such as Dropbox, Google Drive, OneDrive, Bitbucket, Cloudflare Workers, Telegram, Telegra.ph, Teletype.in, Firebase, ipfs.io, and mocky.io to host malware and phishing pages or turn them into data exfiltration channels.

“Using legitimate online resources for malicious purposes is not a new tactic,” SSSCIP said. “However, the number of such platforms exploited by Russian hackers has been steadily increasing recently.”

