Cybersecurity researchers have identified a Ukrainian IP network involved in extensive brute-force and password-spraying attacks targeting SSL VPN and RDP devices in mid-2025. The activity is linked to a complex network of Ukrainian, Seychelles, and Russian autonomous systems involved in malicious campaigns, including spam, malware hosting, and large-scale cyber intrusions.
#FDN3 #TKNET #SiberInvest #AlexHostLCC #PolarEdge
Key points
- The Ukrainian autonomous system FDN3 is involved in widespread brute-force attacks on VPN and RDP services.
- Multiple Ukrainian and Seychelles-based networks exchange prefixes to evade detection and continue malicious activities.
- Several prefixes previously associated with Russian and Bulgarian threat groups are now linked to FDN3 and related networks.
- The attacks peaked between July 6 and 8, 2025, leveraging techniques used by ransomware and cybercrime groups.
- Analysis reveals offshore hosting and peering agreements that obscure the true operators behind these malicious networks.
Read More: https://thehackernews.com/2025/09/ukrainian-network-fdn3-launches-massive.html