Russia and Ukraine Conflicts Escalates

With each passing day, Russia and Ukraine conflicts are increasing and here, one of the most active participants of data gathering and publishing from the conflict in Ukraine is a group of hackers whose political views are against Russia or for Ukraine. 

New data from Check Point Research has revealed that the number of cyberattacks carried out by hackers on Ukraine during their current conflict with Russia has risen by over 196% in the past three days alone.

While if we compare this figure with the attacks done on Russia, will show the dramatic difference, as in this time there is only a four percent increase in the cyberattacks on Russia.

Telegram – A Digital Forefront for Hackers

In this current cyber warfare between Russia and Ukraine, hackers are significantly using Telegram as a digital forefront. The encrypted messaging app, Telegram is the go-to platform for cybercriminals and those looking to evade censorship. 

Over the past few years, we’ve seen a surge in activity among political activists who are using it as a weapon to manage their online discourse. The CPR researchers have shown increases of up to 6 times across hundreds of group chats, occurring during February 24th when the conflict began.

Types of Groups Observed

  • Cyber-attack groups against Russia that urge followers to attack Russian targets in different tools and ways.
  • Hackers groups that urge their followers to raise funds to support Ukraine.
  • Hacker groups that bypass the exclusive news reports of mainstream news outlets about the conflict.

Attack Scenario

As hackers continue the trend of choosing popular messaging apps so as to communicate with one another, it’s no wonder that cyber hacktivists have adopted Telegram for the same. 

Since sending out war/terror commands and leaked information, we’re seeing an average of 10 new groups launched per day or around 1,200 users inside each group, and some of them even boast over 250,000 users.

What makes this messenger even more attractive for those cause-oriented folks is the fact that its open-source nature is critical not only when you need to build a team quickly but also in terms of broadcasting fake news updates and allowing others to live stream or share material via licensed content.

All these Telegram groups are operated to coordinate the attack, decide on what target will be attacked next, and share the results of their efforts with each other. 

They sometimes offer to help each other in attacking targets – one day it’s one group helping out another or a member of a specific group who may need assistance in taking down a certain website.

However, currently, the DDoS attacks became very popular as an unpleasant weapon that everyone has at least heard of these days, with anti-Russian attackers pointing towards their chosen victims and asking their group users to follow suit in order to take down the site and maybe cause some havoc online.

Recommendations

Here are the mitigations recommended by the cybersecurity researchers:-

  • Do not open any suspicious or unknown links.
  • Always beware of suspicious requests.
  • Beware of sending money to unknown sources.
  • Beware of fake news.
  • Always check time-stamps.
  • Always trace the origins of content.
  • Double-check the link you get.
  • Always rely on trusted sources.

You can follow us on LinkedinTwitterFacebook for daily Cybersecurity and hacking news updates.

Gurubaran is a co-founder of Cyber Security News and GBHackers On Security. He has 10+ years of experience as a Security Consultant, Editor, and Analyst in cybersecurity, technology, and communications.