
BlackCat update: A Trojanized app removed from Google Play and its potential cloud threat to GUI-Vil, along with other instances of commercial spyware.


Russia’s hybrid war against Ukraine shows no signs of abating, with recent fighting reported in Bakhmut and Belgorod. The conflict has taken on multiple dimensions, including cyber warfare, mercenaries, and cross-border raids. In recent news, a raid into Russia has been attributed to anti-Putin Russian partisans, though it is seen as more propaganda than an offensive move. Meanwhile, Ukrainian troops are said to still be fighting around Bakhmut, despite Russia’s claim to have seized the city. The conflict has spread to Belgorod, where pro-Ukrainian fighters launched a tank raid while anti-Putin militias overran a village in the same border region. In response, residents of Belgorod were moved to temporary housing after drone strikes, and Russia opened a terrorism investigation.

In the midst of this conflict, Ukraine’s President Zelenskyy has been busy with diplomacy, wooing key players like India, France, and Japan. Meanwhile, Russia’s Prime Minister Mishustin has visited China with a U.S.-sanctioned delegation. The conflict has also extended to the cyber realm: a massive cyberattack warned Ukrainians to expect the worst, and Russia refused to cooperate with Australian police over the Medibank hackers. Additionally, security experts are weighing in on a Snake malware operation, and lessons from the Russia-Ukraine conflict are being applied to cybersecurity moving forward.

As violence persists, the toll of the conflict on both sides is increasingly apparent. A story in The Telegraph explores the battle for Bakhmut through the eyes of those who fought it, painting a devastating picture of the destruction wrought on the city. Meanwhile, Wagner Chief Prigozhin says his troops will leave Bakhmut by June 1, and the decision to donate F-16s to Ukraine marks a key step in the conflict. While SECAF Kendall says the jets will not be a game-changer, others believe they will strike fear into Putin’s pilots. Amid the conflict, a Russian soldier who quit after serving in Ukraine has been sentenced to three years in prison, while Siberian actors have asked authorities to remove a pro-war banner from a theater’s facade.

As the conflict shows no signs of abating, the use of technology in it has become increasingly sophisticated. For example, AhRat, a new Android RAT based on AhMyth that steals files and records audio, was distributed via an app in the Google Play Store. Additionally, SuperMailer is being abused to launch high-volume credential phishing campaigns, while BlackCat ransomware deployed a new signed kernel driver. Threat actor p0-LUCR-1, also known as GUI-vil (Goo-ee-vil), was found to be a cloud-focused, financially motivated group, while the FBI warns of false job advertisements linked to labor trafficking at Southeast Asia-based scam compounds. Meanwhile, generative AI has emerged as a new attack vector for online platforms, according to ActiveFence Threat Intelligence.
