Cyber Spetsnaz’s Operation Panopticon Launches Espionage Attacks

What has been discovered?

• On June 2, Cyber Spetsnaz created a new division called Sparta, which primarily targeted NATO, its members, and allies.
• The Sparta division announced its official ties with the Killnet Collective group.
• The key responsibility of this division is to launch cyber espionage attacks to steal internet resources, financial intelligence, and sensitive data from NATO, its members, and allies.

More about the operation Panopticon

• The group announced Operation Panopticon in May with an aim to recruit 3,000 volunteer cyber offensive specialists. The recruited volunteers participated in attacks against the EU, the Ukrainian government, and private organizations.
• In addition, several other divisions namely Phoenix, Rayd, Vera, FasoninnGung, Mirai, Jacky, DDoS Gung, and Sakurajima closely collaborated with Cyber Spetsnaz and its divisions to launch DDoS attacks.

Targeted victims

• The hacker group targeted five Italian logistic terminals—Sech, Trieste, TDT, Yilport, and VTP—along with several financial institutions.
• The Rayd division was associated with recent attacks on government resources in Poland, targeting the Ministry of Foreign Affairs, Senate, Border Control, and the Police.

Tools and techniques

• In addition to proprietor tools, the threat actor leveraged several scripts such as Blood, DDoS Ripper, GoldenEye, Hasoki, Karma DDoS, and MHDDos to exploit poorly configured web servers.
• For effective coordinated attacks, Cyber Spetsnaz members distributed domains assigned to the NATO infrastructure, allowing them to plan out an effective attack.

Conclusion