Belarusian hackers are allegedly transmitting false information among Polish conscripts.
The Polish Ministry of National Defense (UNC1151) has revealed details about an alleged informational operation carried out by the purportedly fictitious Belarusian hacker group Ghostwriter.
The hackers behind the operation impersonated the Lithuanian-Polish-Ukrainian Brigade, a multinational military force that conducts peacekeeping and humanitarian missions, by sending fraudulent job opening communications to Polish residents. The messages claimed that the brigade would soon participate in exercises on Ukrainian soil, and according to Polish police, the objective of the hackers was to destabilize the country.
The disinformation campaign conducted by the alleged hackers is noteworthy for its rapid expansion. One day after Poland began its military qualification process, which evaluates the skills and abilities of individuals who may be enlisted in the army, the operation was discovered. Polish officials promptly refuted the campaign.
According to Polish officials, hackers used the recently registered domain “mon-gov[.]com” to disseminate messages through SMS, Telegram feeds, and email. Although the number of individuals who received the messages is unknown, Poland’s cybersecurity authority states that the campaign will continue in the future.
In 2022, IS specialists predict an increase in cyberattacks aimed at groups supporting Ukrainian refugees. Attackers are sending phishing emails that seem to be an evacuation plan from the Ukrainian Security Service. The attached files contain malicious code that can steal private information.
Although there is currently no technical evidence, some analysts believe that the Ghostwriter hacker group (UNC1151), which may be affiliated with the Belarusian government, was “tentatively” responsible for the attacks. Ghostwriter’s timing and strategy implicate them in the attacks, according to researchers.