Targeting of Ukrainian state bodies

Date of report

March 2022

Affiliations

Gamaredon

Russian APT InvisiMole, which has ties to Gamaredon, conducted a phishing campaign targeting Ukrainian organizations with the LoadEdge backdoor. The backdoor allowed Gamaredon to install surveillance software and other malware onto infected systems.

Suspected victims

Ukrainian state bodies

Suspected state sponsor

Russian Federation

Type of incident

Espionage

Target category

Government

Victim government reaction

Policy response

Confirmation

Кібератака групи UAC-0035 (InvisiMole) на державні організації України (CERT-UA#4213)
Ukraine warns of InvisiMole attacks tied to state-sponsored Russian hackers

Cyber Operations Tracker

CFR.org

Topics

Regions

Explainers

Research & Analysis

Communities

Events