Targeting of Ukrainian networks via fake telecommunications firms

Date of report

September 2022

Affiliations

Sandworm

A Russian threat actor masqueraded as a Ukrainian telecommunications firm in order to gain access to other networks in Ukraine, both through spear-phishing and malicious public domains.

Suspected victims

Ukrainian telecommunications infrastructure and other firms

Suspected state sponsor

Russian Federation

Type of incident

Espionage

Target category

Private sector
Government

Victim government reaction

Unknown

Policy response

Unknown

Russia-Nexus UAC-0113 Emulating Telecommunication Providers in Ukraine

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events