Advertisement

Hackers attempt to infiltrate Ukrainian tech company with backdoor malware, Talos says

The attack could have been part of an attempt to compromise the software supply chain, the researchers said.
Illustration by Oleksandr Hurtovyi/Getty Images

Attackers targeted a large, unnamed software development company in Ukraine that services various state entities with a “fairly uncommon” piece of malware in recent weeks, researchers with Cisco Talos said Thursday.

The unknown hackers used a slightly modified version of an open-source backdoor named “GoMet,” the researchers said, that at least two sophisticated hacking groups have used since 2020.

Despite the fact that the Talos researchers found no indication that the attackers successfully exploited the tool, they are concerned nonetheless, they said.

“As this firm is involved in software development, we cannot ignore the possibility that a supply chain-style attack might have been this campaign’s end goal,” the researchers said.

Advertisement

Cyberattacks have increasingly bombarded both private and government entities in Ukraine since the first Russian invasion of Ukraine in 2014 and as part of the war that began Feb. 24. Ukrainian officials who track cyber “incidents” recorded at least 64 in second quarter of 2022, up from 40 the previous quarter, officials said in a recent report with details of new and ongoing attacks emerging regularly.

A successful attack on a software provider could “be leveraged in a variety of ways including deeper access or to launch additional attacks, including the potential for software supply chain compromise,” the researchers wrote.

“Ukraine is still facing a well-funded, determined adversary that can inflict damage in a variety of ways,” they said. “This is just the latest example of those attempts.”

Russia declared war against Ukraine on Feb. 24. Before, during and after the military campaign began, the CyberScoop staff has been tracking the cyber dimensions of the conflict.

This story was featured in FedScoop Special Report: War in Ukraine

Latest Podcasts