Digital Media Net - Your Gateway To Digital media Creation. News and information on Digital Video, VR, Animation, Visual Effects, Mac Based media. Post Production, CAD, Sound and Music
HOUSTON–(BUSINESS WIRE)–Prevailion, a global leader in Compromise Breach MonitoringTM and cyber adversary intelligence, has discovered new operational details for UNC1151, a suspected Russian state-sponsored cyber threat actor, which has been involved in cyber espionage and online disinformation and influence campaigns throughout Europe.
Prevailion’s researchers have determined that UNC1151’s online infrastructure is three times larger than what has been previously documented, and its malicious cyber activities are broader and more aggressive than was originally suspected. These operations are also continuing to evolve and expand.
“The specially-crafted phishing infrastructure we uncovered is extensive for a disinformation campaign and shows that they built this for long-term resilience and probably have financial backing of some kind, which reinforces the state-sponsored suspicions,” said Karim Hijazi, CEO of Prevailion. “The domains we discovered appear to be the group’s backup infrastructure, which they likely switched to after security researchers exposed other domains in previous reporting. This shows a high level of sophistication, as UNC1151 seems to have anticipated some level of domain attrition by the security community and had backups in place to maintain their operation with limited, if any, disruption.”
WHAT IS UNC1151?
UNC1151 is a cyber threat actor that is believed to be backed by the Kremlin and responsible for a series of ongoing malicious activities throughout Europe known as “Ghostwriter”. These activities involve anti-NATO disinformation campaigns, cyber espionage and politically damaging hack-and-leak operations.
This group was first identified by FireEye’s Mandiant in April 2021, as a follow-up to its July 2020 report which first identified the Ghostwriter campaign. Additional research on UNC1151 and Ghostwriter have been carried out by several other companies, including ThreatConnect, DomainTools and VSQUARE.
NEW FINDINGS IN PREVAILION REPORT:
Prevailion’s Adversarial Counterintelligence Team (PACT) used advanced infrastructure hunting techniques and Prevailion’s unique visibility into threat actor infrastructure creation to uncover previously unknown domains associated with UNC1151 and the “Ghostwriter” influence campaign.
In a report published today, Prevailion details the following findings:
“Based on our counterintelligence collection, we believe that UNC1151 is positioned for a much wider operation, both in Europe and potentially beyond,” said Hijazi. “A common tactic used by Russian groups is to test specific cyber tactics and strategies in countries like Ukraine or the Baltics first, before deploying them against larger national targets.”
To read the full report, go to: https://www.prevailion.com/diving-deep-into-unc1151s-infrastructure-ghostwriter-and-beyond.
ABOUT PREVAILION
Prevailion is the world’s first Continuous Breach MonitoringTM company, transforming the way organizations approach compromise detection and breach prevention to drastically improve security operations. Through next-level tailored intelligence and a zero-touch platform, Prevailion provides a full view of confirmed “Evidence of Compromise” (EOC) for customers and their partner ecosystems. Prevailion is funded by AllegisCyber Capital, DataTribe, Allstate Strategic Ventures, Legion Capital, Irongrey and Accenture Ventures. To learn more about Prevailion, visit www.prevailion.com.
Contacts
Michael Sias
Firm 19 for Prevailion
inquiry@firm19.com
954-361-3963
The number of digital health apps stands at 337,000, with disease-specific apps that bring more…
NEW DELHI, Dec. 21, 2024 /PRNewswire/ -- Appy Pie Design, a leading No-code AI Design…
Montreal-based Thought Technology Ltd wraps up its 50th year in business providing psychophysiological instrumentation to…
RIYADH, Saudia Arabia, Dec. 20, 2024 /PRNewswire/ -- Impossible Creative debuted innovative immersive storytelling technology…
The Jim & Linda Lee Performing Arts Center, Northern Arizona’s premiere entertainment venue, has installed…