Physical threats towards a Ukrainian cybersecurity researcher and a failed try and breach a petroleum refinery inside a NATO-member nation are simply the newest notable salvos in Russian state-backed APT group Trident Ursa’s marketing campaign towards Ukraine.
Researchers at Palo Alto Network’s Unit 42 reported on the APT group (also referred to as Gamaredon, Primitive Bear, Shuckworm, and UAC-0010) techniques over the previous 10 months, noting the connection between Trident Ursa and the Russian Federal Security Service.
“As the battle has continued on the bottom and in our on-line world, Trident Ursa has been working as a devoted entry creator and intelligence gatherer,” the Unit 42 group defined. “Trident Ursa stays one of the vital pervasive, intrusive, repeatedly lively and targeted APTs concentrating on Ukraine.”