Operation Groundbait

Description

(ESET) After BlackEnergy, which has, most infamously, facilitated attacks that resulted in power outages for hundreds of thousands of Ukrainian civilians, and Operation Potao Express, where attackers went after sensitive TrueCrypt-protected data from high value targets, ESET researchers have uncovered another cyberespionage operation in Ukraine: Operation Groundbait.

The main point that sets Operation Groundbait apart from the other attacks is that it has mostly been targeting anti-government separatists in the self-declared Donetsk and Luhansk People’s Republics.

While the attackers seem to be more interested in separatists and the self-declared governments in eastern Ukrainian war zones, there have also been a large number of other targets, including, among others, Ukrainian government officials, politicians and journalists.

Names

Name	Name-Giver
Operation Groundbait	ESET

Country

Ukraine

Motivation

Information theft and espionage

First Seen

2008

Observed Sectors

Observed Countries

Ukraine

Tools

Prikormka

Information

https://www.welivesecurity.com/2016/05/18/groundbait/

Other Information

Uuid

38246b37-a51f-4980-800e-bc591e986073

Last Card Change

2020-04-15

Threat Intelligence Garden

Explorer

Operation Groundbait

Operation Groundbait

Description

Names

Country

Motivation

First Seen

Observed Sectors

Observed Countries

Tools

Information

Other Information

Uuid

Last Card Change

Graph View

Table of Contents

Backlinks