The Federal Security Service (FSB), the Interior Ministry, and the Investigative Committee of Russia have uncovered and disrupted 100 illegal communication channels used by Ukrainian intelligence services to involve Russians in sabotage and terrorism since September 1, 2025, with over 200 people involved in running SIM boxes detained across 43 Russian regions.
“As a result <…> more than 200 Russian and foreign citizens involved in operating SIM boxes, replenishing SIM card balances used in them, illegally distributing subscriber numbers of Russian telecom operators, and providing services for online account registration were detained in 43 Russian regions,” the FSB added.
Read more…
Source: TASS News
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- In-depth analysis of July 2023 exploit chain featuring CVE-2023-36884 and CVE-2023-36584
November 13, 2023
During their analysis of a July 2023 campaign targeting groups supporting Ukraine’s admission into NATO, Unit 42 researchers discovered a new vulnerability for bypassing Microsoft’s Mark-of-the-Web (MotW) security feature. This activity has been attributed by the community to the pro-Russian APT group known as Storm-0978 (also known as the RomCom Group, in reference to their use ...
- Secretary General: Through NATO, we can build a secure cyberspace for all
November 9, 2023
The Secretary General emphasized that cyber is driving strategic competition and that authoritarian regimes, including China and Russia, are: “challenging our interests, our values and our security.” He said they are: “determined to shape the future of cyberspace in own image with little transparency and no regard for human rights.” At the Vilnius Summit this ...
- Sandworm Disrupts Power in Ukraine Using a Novel Attack Against Operational Technology
November 9, 2023
In late 2022, Mandiant responded to a disruptive cyber physical incident in which the Russia-linked threat actor Sandworm targeted a Ukrainian critical infrastructure organization. This incident was a multi-event cyber attack that leveraged a novel technique for impacting industrial control systems (ICS) / operational technology (OT). The actor first used OT-level living off the land (LotL) ...
- US sanctions Russian accused of laundering Ryuk ransomware funds
November 6, 2023
The U.S. government has sanctioned a Russian national for allegedly laundering millions of dollars’ worth of victim ransom payments on behalf of individuals linked to the notorious Ryuk ransomware group. According to an announcement from the U.S. Treasury’s Office of Foreign Assets Control (OFAC), Ekaterina Zhdanova, 37, is accused of using virtual currency exchange transfers and ...
- Do government sanctions against ransomware groups work?
November 2, 2023
Earlier this year, the U.S. government imposed sanctions against Russian national Mikhail Matveev, an FBI most-wanted cybercriminal, who authorities accuse of being a “prolific ransomware affiliate” involved in cyberattacks in the United States and overseas. Authorities say Matveev played a major role in the development and deployment of the Hive, LockBit and Babuk ransomware variants, ...
- Over the Kazuar’s nest: Cracking down on a freshly hatched backdoor used by Pensive Ursa
October 31, 2023
While tracking the evolution of Pensive Ursa (aka Turla, Uroburos), Unit 42 researchers came across a new, upgraded variant of Kazuar. Not only is Kazuar another name for the enormous and dangerous cassowary bird, Kazuar is an advanced and stealthy .NET backdoor that Pensive Ursa usually uses as a second stage payload. Pensive Ursa is a ...