reported  “A hacking group the Ukrainian government says is a unit of Russian intelligence attempted earlier this year to compromise a large petroleum refining company based inside a NATO member, new research charges.” A December 20, 2022 report entitled “Russian Hackers Targeted Oil Refinery Firm in NATO Country” ( included these comments:

The group, variously dubbed Gamaredon, Primitive Bear, or UAC-0010, has been active since around the time that Russian aggression sparked ongoing conflict in Ukraine, in 2014 or 2013. A Ukrainian assessment traces the group to the self-proclaimed “Office of the FSB of Russia in the Republic of Crimea and the city of Sevastopol” and says its staff includes former Ukrainian law enforcement officials. 

Trident Ursa, as Palo Alto Networks’ Unit 42 threat intelligence calls the threat actor, is “one of the most pervasive, intrusive, continuously active and focused APTs targeting Ukraine,” the company says in a Tuesday report detailing the threat actor’s recent activities. 

I’m sure no one is surprise at this news!