Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infras

Russian Federal Security Service (FSB) officers have detained two hackers in Siberia who conducted cyberattacks on critical infrastructure facilities under direct orders from Ukrainian intelligence services.

The simultaneous arrests in the Kemerovo and Tomsk regions exposed a sophisticated cyber espionage network targeting Russia’s governmental, industrial, and [financial information](https://cybersecuritynews.com/how-to-protect-your-financial-information-from-cyber-threats/) systems.

The primary suspect, a 36-year-old resident of Kemerovo, utilized encrypted messenger communications to coordinate with his Ukrainian handlers as part of an organized cyber unit.

FSB investigators discovered extensive technical equipment and malicious software arsenals during searches of his apartment, revealing the scale of the operation targeting Russia’s critical infrastructure networks.

The malware deployment strategy focused on disrupting essential services across multiple sectors. Government agencies, industrial enterprises, and financial organizations became primary targets through coordinated attacks designed to destabilize national operations.

Even temporary incapacitation of these information resources created cascading effects throughout Russia’s economic and administrative systems.

Vesti analysts [identified](https://www.vesti.ru/article/3630900) the attack methodology as a deliberate campaign to compromise sensitive infrastructure through persistent malware infiltration.

The hackers employed sophisticated techniques to maintain prolonged access to target networks, enabling sustained data exfiltration and system disruption capabilities.

**Technical Analysis of the Malware Infrastructure**

The investigation revealed that the threat actors utilized a multi-stage infection mechanism incorporating messenger-based command and control communications.

The malware exhibited advanced [persistence](https://cybersecuritynews.com/detecting-and-responding-to-new-nation-state-persistence-techniques/) tactics, likely employing registry modifications and scheduled task creation to maintain system access.

Detection evasion techniques included process hollowing and memory injection methods to avoid traditional antivirus signatures.

```python
# Example of potential persistence mechanism
import subprocess

def establish_persistence():
    # Task name chosen to look like a routine system job
    task_name = 'SystemUpdateCheck'
    executable_path = r'C:\Windows\System32\svchost.exe'
    # Register a scheduled task that runs at every system start
    subprocess.run(['schtasks', '/create', '/tn', task_name,
                    '/tr', executable_path, '/sc', 'onstart'])
```

The [malware](https://cybersecuritynews.com/chatgpt-powered-malware-analysis/) architecture suggests sophisticated threat actors with substantial resources and technical expertise.

Former FSB official Alexander Belyaev noted that Ukrainian intelligence services exploit individuals through financial incentives or ideological manipulation, creating a recruitment pipeline for cyber operations.

Both hackers now face high treason charges carrying potential 20-year prison sentences.

The case underscores the escalating cyber warfare dimension of the ongoing conflict, where digital battlefields extend far beyond traditional military engagements into civilian infrastructure vulnerabilities.

The post [Russia Jailed Hacker Who Worked for Ukrainian Intelligence to Launch Cyberattacks on Critical Infrastructure](https://cybersecuritynews.com/russia-jailed-hacker-who-worked-for-ukrainian-intelligence/) appeared first on [Cyber Security News](https://cybersecuritynews.com).
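A defender-side view of the scheduled-task persistence described in the technical analysis above, as an added example that is not from the original article: it reviews process command lines for `schtasks /create` invocations that use a boot or logon trigger or point the task at a bare system binary. The sample log lines are constructed, and the set of system binaries treated as unusual task actions is an assumption of this example.

```python
import shlex

# Triggers that re-run a task without user action (real schtasks /sc values).
BOOT_TRIGGERS = {"onstart", "onlogon"}
# Assumption of this example: a task action that is just one of these
# system binaries, with no arguments, is unusual enough to review.
SYSTEM_BINARIES = {"svchost.exe", "rundll32.exe", "regsvr32.exe"}

def parse_schtasks(cmdline):
    """Return the options of a `schtasks /create` command line, or None."""
    tokens = shlex.split(cmdline, posix=False)  # keep Windows backslashes
    if not tokens:
        return None
    image = tokens[0].strip('"').replace("/", "\\").rsplit("\\", 1)[-1].lower()
    if image not in ("schtasks", "schtasks.exe"):
        return None
    opts, i = {}, 1
    while i < len(tokens):
        key = tokens[i].lower()
        has_value = i + 1 < len(tokens) and not tokens[i + 1].startswith("/")
        opts[key] = tokens[i + 1].strip("\"'") if has_value else ""
        i += 2 if has_value else 1
    return opts if "/create" in opts else None

def review(cmdline):
    """Return the reasons this command line deserves analyst review."""
    opts = parse_schtasks(cmdline)
    if opts is None:
        return []
    reasons = []
    if opts.get("/sc", "").lower() in BOOT_TRIGGERS:
        reasons.append("boot_or_logon_trigger")
    action = opts.get("/tr", "")
    binary = action.split()[0].rsplit("\\", 1)[-1].lower() if action else ""
    if binary in SYSTEM_BINARIES and len(action.split()) == 1:
        reasons.append("action_is_bare_system_binary")
    return reasons

SAMPLE_LOG = [  # constructed process-creation command lines
    r'schtasks /create /tn SystemUpdateCheck /tr C:\Windows\System32\svchost.exe /sc onstart',
    r'"C:\Windows\System32\schtasks.exe" /Create /TN "Nightly Backup" /TR "D:\tools\backup.cmd" /SC DAILY /ST 02:00',
    r'schtasks /query /fo LIST',
]

if __name__ == "__main__":
    for line in SAMPLE_LOG:
        print(review(line), "<-", line)
```

In production the same review would run over process-creation telemetry rather than an inline list, with the findings routed to triage instead of printed.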
