Google TAG Warns of Russian Hackers Conducting Phishing Attacks in Ukraine

Russian military-linked hackers have been implicated in large-scale phishing campaigns targeting the Ukraine to gather intelligence and sway public discourse on the war. The campaigns are led by a group monitored by Google’s Threat Analysis Group (TAG) under the name FROZENLAKE, aka APT28 or Fancy Bear, which focuses on Eastern European webmail users. The hackers have been active since 2009, targeting media, governments and military entities. Other groups, also connected to Russia’s GRU, are engaged in similar activities.