Cyber Attack cyber

Ukrainian aviation organization

Jul 29, 2025 1 min read
Ukrainian aviation organization

A sophisticated Russian state-sponsored advanced persistent threat group known as Laundry Bear has targeted a Ukrainian aviation organization through an extensive campaign of espionage and intelligence gathering. The group has demonstrated advanced capabilities in social engineering and infrastructure obfuscation, focusing on high-value targets. Their attack methodology relies heavily on stolen credentials and session cookies for initial access, combined with sophisticated spear-phishing campaigns that utilize carefully crafted domain typosquats designed to deceive even security-conscious users. This attack has significant implications for national security and could potentially compromise critical information.

Source: https://cybersecuritynews.com/laundry-bear-infrastructure/

TPRM report: https://www.rankiteo.com/company/boryspilairport

"id": "bor901072925",
"linkid": "boryspilairport",
"type": "Cyber Attack",
"date": "7/2025",
"severity": "100",
"impact": "8",
"explanation": "Attack that could bring to a war"
{'affected_entities': [{'industry': 'Law Enforcement',
                        'location': 'Netherlands',
                        'name': 'Dutch Police Force',
                        'type': 'Government'},
                       {'industry': 'Aviation',
                        'location': 'Ukraine',
                        'name': 'Ukrainian Aviation Organization',
                        'type': 'Government'},
                       {'industry': 'Various',
                        'location': 'Europe and US',
                        'name': 'Multiple European and US Non-Governmental '
                                'Organizations',
                        'type': 'Non-Governmental'}],
 'attack_vector': ['Stolen Credentials', 'Session Cookies', 'Spear-Phishing'],
 'date_detected': 'April 2024',
 'description': 'A sophisticated Russian state-sponsored advanced persistent '
                'threat (APT) group known as Laundry Bear has emerged as a '
                'significant cybersecurity concern, targeting NATO countries '
                'and Ukraine through an extensive campaign of espionage and '
                'intelligence gathering.',
 'initial_access_broker': {'entry_point': ['Stolen Credentials',
                                           'Session Cookies',
                                           'Spear-Phishing'],
                           'high_value_targets': ['Dutch Police Force',
                                                  'Ukrainian Aviation '
                                                  'Organization',
                                                  'Multiple European and US '
                                                  'Non-Governmental '
                                                  'Organizations']},
 'motivation': 'Espionage and Intelligence Gathering',
 'references': [{'source': 'Validin'},
                {'source': 'Microsoft Threat Intelligence'}],
 'threat_actor': 'Laundry Bear (Void Blizzard)',
 'title': 'Laundry Bear APT Campaign',
 'type': 'Espionage and Intelligence Gathering'}
Published by
Jeremy C
Jeremy C
You might also like
Great! Next, complete checkout for full access to Rankiteo Blog.
Welcome back! You've successfully signed in.
You've successfully subscribed to Rankiteo Blog.
Success! Your account is fully activated, you now have access to all content.
Success! Your billing info has been updated.
Your billing was not updated.