NewsHail
22 May 2025
The UK says a Russian cyber group ran a harmful hacking campaign. It targeted many groups, including those sending help to Ukraine.
The UK’s National Cyber Security Centre (NCSC) worked with the US, Germany, France, and others to investigate. They say the Russian military has been hacking groups since 2022.
These groups work in defense, IT, and shipping. Some cameras at the Ukraine border were also hacked. These cameras helped track aid deliveries.
The report says about 10,000 cameras were hacked. These were near rail stations, military areas, and roads. Some were normal traffic cameras.
The group blamed is a Russian military unit called GRU Unit 26165. It is also known as Fancy Bear. It has hacked before. In 2016, it broke into US political groups. It also leaked sports drug test data.
Paul Chichester from the NCSC said this is a big threat. It puts many support groups at risk. He told groups to read the warning and protect their networks.
John Hultquist from Google said people helping Ukraine should know they are targets. Russia wants to find and stop this help. These hacks could lead to worse attacks.
The hackers also went after ports, airports, defense companies, and air traffic services. These attacks happened in 12 European countries and the US.
The hackers used several tricks. One was guessing passwords. Another was spearphishing. That means sending fake emails to steal logins or install harmful software.
These fake emails covered many topics, even adult content.
They also used a weakness in Microsoft Outlook. They sent fake calendar invites to steal login info.
Rafe Pilling from Sophos said these tricks are not new. Fancy Bear has used them for over 10 years. He said the hacked cameras helped Russia see what goods were being moved, when, and in what amounts. This could help them target attacks.
