Kaspersky Lab Uncovers 14 Hacker Groups Targeting Russian and Belarusian Organizations
Kaspersky Lab has released an analysis detailing the activities of 14 hacker groups primarily targeting organizations in Russia, Belarus, and other countries. Among these groups are hacktivist collectives that emerged in the Russian threat landscape after 2022, identifying themselves as "pro-Ukrainian." The groups identified include Angry Likho, Awaken Likho, BlackJack, BO Team, C.A.S., Cloud Atlas, Crypt Ghouls, Cyberpartisans, GOFFEE, Head Mare, Librarian Ghouls, Librarian Likho, Mythic Likho, WELVE, and XDSpy. The emergence of these groups coincides with the geopolitical tensions stemming from the Russia-Ukraine conflict. Several groups share a naming convention incorporating "Likho," a term from Slavic mythology, which may indicate a shared ideology or coordination among them. The technical implications of this report are significant, as these groups likely employ a variety of tactics, including phishing, malware deployment, and DDoS attacks. The impact on the cybersecurity landscape is profound. The rise of hacktivist groups aligned with geopolitical conflicts has led to an increase in cyber attacks targeting critical infrastructure, government entities, and private organizations. There is also a risk of collateral damage, where attacks may inadvertently affect organizations outside the intended target regions. For cybersecurity professionals, the key takeaway is the importance of staying informed about these threat actors and their methods. Organizations should ensure that their security measures are up-to-date and that they have plans in place to respond to potential attacks. Collaboration with cybersecurity firms like Kaspersky Lab can provide valuable threat intelligence to help defend against these groups. However, without access to the full report, specific technical details and recommendations are limited. Cybersecurity professionals should refer to the original Kaspersky Lab report for comprehensive information on these threat actors.