Ukraine's Computer Emergency Response Team (CERT-UA) reported that Vermin, a pro-Russia threat operation associated with the Luhansk People's Republic, has launched intrusions using the novel Firmachagent malware and the known Spectr spyware as part of a new hacking campaign, according to The Record, a news site by cybersecurity firm Recorded Future.
Vermin has used malicious emails containing photos of individuals across the Kursk region accused of being Russian war criminals to facilitate compromise with Spectr (which enables browser and messenger data theft, file copying, and screenshot capturing) and Firmachagent, which allows data exfiltration to attacker-controlled servers, CERT-UA reported. The development comes a week after the Ukrainian Security Service noted that Russia had been spreading false information regarding Ukrainian military operations following its offensive in Kursk. Ukraine's attack on Kursk was also noted to have been followed by a significant distributed denial-of-service attack against the region's critical infrastructure, businesses, and government.