Summary: A suspected Belarusian state-backed hacking group, linked to GhostWriter, is conducting a cyber espionage campaign against opposition activists in Belarus, as well as targeting Ukrainian military and government entities. The campaign appears to have ramped up following the country’s presidential election in January 2024. Utilizing tools like PicassoLoader and mimicking anti-corruption initiatives, the operation marks a troubling development in state-sponsored cyber threats.
Affected: Belarusian opposition activists, Ukrainian military and government entities
Keypoints :
- GhostWriter is tied to Belarusian state intelligence and has orchestrated attacks since mid-2024.
- The group has previously engaged in cyber espionage against Ukrainian government and military targets.
- Recent phishing campaigns included modified versions of known malware and decoy documents related to political prisoners and anti-corruption initiatives.
Source: https://therecord.media/ukraine-gov-belarusian-opposition-targeted-ghostwriter-campaign