AI-Driven Malware and Phishing Campaigns Targeting Ukraine
Summary
Hide ▲
Show ▼
In the first half of 2025, Russian hackers have intensified their use of AI in cyber attacks against Ukraine. The State Service for Special Communications and Information Protection (SSSCIP) reported 3,018 cyber incidents, an increase from the previous period. These attacks include AI-generated malware and sophisticated phishing campaigns targeting various sectors, including local authorities, military units, and critical infrastructure. The use of AI in cyber operations has significantly enhanced the sophistication and effectiveness of these attacks.
Timeline
-
09.10.2025 12:10 1 articles · 6h ago
AI-Driven Cyber Attacks Against Ukraine Intensify in H1 2025
In the first half of 2025, Russian hackers escalated their use of AI in cyber attacks against Ukraine. The State Service for Special Communications and Information Protection (SSSCIP) recorded 3,018 cyber incidents, marking an increase from the previous period. These attacks included AI-generated malware and phishing campaigns targeting various sectors, such as local authorities, military units, and critical infrastructure. The use of AI has significantly enhanced the sophistication and effectiveness of these attacks, posing a greater threat to Ukraine's cybersecurity.
Show sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
Information Snippets
-
The number of cyber incidents in Ukraine increased to 3,018 in the first half of 2025, up from 2,575 in the second half of 2024.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
AI is being used to generate phishing messages and develop malware, such as the PowerShell data-stealing malware WRECKSTEEL.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
UAC-0219 used WRECKSTEEL to target state administration bodies and critical infrastructure.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
UAC-0218, UAC-0226, and UAC-0227 orchestrated phishing campaigns targeting defense forces, government bodies, and critical infrastructure.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
UAC-0125, a sub-cluster of Sandworm, used phishing emails to deliver the Kalambur backdoor.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
APT28 (UAC-0001) exploited vulnerabilities in Roundcube and Zimbra webmail software for zero-click attacks.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
Sandworm (UAC-0002) targeted energy, defense, and internet service providers in Ukraine.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10
-
Threat actors abused legitimate services like Dropbox, Google Drive, and Telegram to host malware and phishing pages.
First reported: 09.10.2025 12:101 source, 1 articleShow sources
- From Phishing to Malware: AI Becomes Russia's New Cyber Weapon in War on Ukraine — thehackernews.com — 09.10.2025 12:10