Campaigns Impersonate the CIA to Target Ukraine Sympathizers, Russian Citizens and Informants

SUMMARY :

Silent Push Threat Analysts have uncovered a sophisticated phishing campaign targeting individuals sympathetic to Ukraine's defense, Russian citizens, and potential informants. The operation, believed to be orchestrated by Russian Intelligence Services, employs four major phishing clusters impersonating the CIA, Russian Volunteer Corps, Legion Liberty, and Hochuzhit. These campaigns aim to collect personal information from victims through fake websites and forms. The threat actors utilize bulletproof hosting, domain spoofing, and Google Forms to lure targets into providing sensitive data. The campaign's persistence, long-term targeting of specific groups, and impersonation of official organizations without apparent financial motives strongly suggest state-sponsored involvement. Mitigation efforts include identifying and blocking associated domains and IPs.

OPENCTI LABELS :

phishing,russia,ukraine,impersonation,state-sponsored,russian volunteer corps,hochuzhit,cia,intelligence gathering,legion liberty


Open in NetmanageIT OpenCTI Public Instance with below link!


Use public read only username and password on login page.

NOTE : Use Public READ only user credentials on login page banner.


Campaigns Impersonate the CIA to Target Ukraine Sympathizers, Russian Citizens and Informants