Belarus has targetting Ukrainian and Polish officials with phishing attacks amid Russia’s invasion of Ukraine, a report from Google says.
Google’s TAG said Ghostwriter, a Belarusian hacking group, has conducted phishing campaigns targeting Polish and Ukrainian government and military organizations in the past week. The campaigns aimed to get officials’ credentials.
TAG added that Ghostwriter has also targeted individuals using several Ukrainian, Russian and Polish email providers.
The threat analysis team also said attack group Fancy Bear, which it identified as being affiliated with Russia’s military intelligence agency had conducted several large phishing campaigns over the past two weeks targeting users of ukr.net, a Ukrainian media company. The phishing emails were sent from compromised accounts and led to credential phishing pages.
“Online security is extremely important for people in Ukraine and the surrounding region right now. Government agencies, independent newspapers and public service providers need it to function and individuals need to communicate safely,” TAG said in the post. “Google’s Threat Analysis Group (TAG) has been working around the clock, focusing on the safety and security of our users and the platforms that help them access and share important information.”