Ukraine at D+379: A "tactical pause."
N2K logoMar 10, 2023

Low-level hacktivism and cyberespionage phishing continue against Ukraine as Russia's Wagner Group appears to have begun a "tactical pause" in the vicinity of Bakhmut.

Ukraine at D+379: A "tactical pause."

Ukrainian forces claim to have "pushed back" Russian attacks in Bakhmut, Al Jazeera reports. The Institute for the Study of War notes the Wagner Group's push in the northwestern part of the city, but also says the mercenaries are taking a "tactical pause"as they await reinforcement by regular Russian troops. "The Wagner Group’s offensive operation in eastern Bakhmut appears to have entered a temporary tactical pause and it remains unclear if Wagner fighters will retain their operational preponderance in future Russian offensives in the city," the Institute writes. "There have been no reports of Wagner fighters conducting offensive operations from eastern Bakhmut into central parts of the city since Russian forces captured all of eastern Bakhmut located east of the Bakhmutka River on March 7."

Why Russian missile strikes seem to be coming in waves.

The UK's Ministry of Defence in this morning's situation report commented on the wave of missile strikes Russia conducted on Thursday. "On 09 March 2023, Russia conducted a wave of at least 80 long-range strikes against Ukrainian critical infrastructure. Russia deployed cruise missiles, air defence missiles in a surface-surface role, Iranian one way attack uncrewed aerial vehicles, and an unusually large number of hypersonic air-launched ballistic missiles during the attack. This was the first major wave of long-range strikes since 16 February 2023 and likely one of the largest since December 2022. Ukrainian officials reported at least 11 civilians killed. The interval between waves of strikes is probably growing because Russia now needs to stockpile a critical mass of newly produced missiles directly from industry before it can resource a strike big enough to credibly overwhelm Ukrainian air defences."

Remcos reappears in attacks against Ukrainian government agencies.

Check Point reports seeing the Remcos remote access Trojan (RAT) as the payload in phishing messages being sent to Ukrainian government organizations. "Remcos is a RAT that first appeared in the wild in 2016. Remcos distributes itself through malicious Microsoft Office documents, which are attached to SPAM emails, and is designed to bypass Microsoft Windows’s UAC security and execute malware with high-level privileges," Check Point explains.

DDoS at a Ukrainian radio station.

Halychyna FM, a radio station in western Ukraine, was inaccessible briefly on March 2nd due to a distributed denial-of-service (DDoS) attack claimed by the hacktivists of Russia's Narodnaya Cyber-Armiya, the International Press Institute reports. The attack is typical of the nuisance-level hacktivism cyber auxiliaries have established during the present war.