• Pro-Russian hackers tricked into attacking decoy target

    From TechnologyDaily@1337:1/100 to All on Tuesday, October 14, 2025 15:45:08
    Pro-Russian hackers tricked into attacking decoy target

    Date:
    Tue, 14 Oct 2025 14:37:00 +0000

    Description:
    A new Russian hacktivist group boasted about breaking into a critical infrastructure firm, not knowing it was all a fake.

    FULL STORY
    ======================================================================
    TwoNet breached a fake Dutch water facility using default credentials
    The target was a Forescout honeypot designed to study attacker behavior
    Hackers increasingly target critical infrastructure, often aiming for ransom

    A relatively young pro-Russian hacktivist group called TwoNet recently breached a Dutch water facility organization. They logged into the human-machine interface (HMI) using weak, default credentials, and exploited a vulnerability to deface the website.

    They then deleted connected programmable logic controllers (PLCs) as data sources, which disabled real-time updates, and changed PLC setpoints through the HMI. Once that was done, they modified system settings to disable logs and alarms. After successfully striking the critical infrastructure organization, they took to their Telegram channel to advertise their win, gain a little credibility and, hopefully, some notoriety.

    Now, for the plot twist: the Dutch water facility organization does not exist.

    Concrete action

    The website was real, and so was the infrastructure. But it was all an elaborate ruse, set up by cybersecurity researchers at Forescout to trick cybercriminals into revealing their tactics, techniques, and procedures (TTPs) - a typical honeypot.

    Forescout has been building these honeypots for a little while now, and says that it has seen hackers trying to deploy ransomware before.

    Last year, a fake healthcare clinic caught a few threat actors, allegedly. However, this is the first time that hackers have publicly boasted about breaching something that wasn't real.

    "Groups moving from DDoS/defacement to OT/ICS often misread targets, trip over honeypots, or over-claim," the researchers explained in their write-up: "That doesn't make them harmless - it shows where they are headed."

    Critical infrastructure organizations, including water and wastewater treatment facilities, power plants, data centers, airports, and similar, are increasingly targeted by cybercriminals.

    Most of the time these are ransomware actors, groups believing they could force the companies into paying a ransom demand in order to remain
    operational and avoid even higher costs of restarting operations.

    In some cases, the attackers are state-sponsored and tasked with either cyber-espionage, or setting up a kill-switch to be activated in certain scenarios.

    Via Cybernews




    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/pro-russian-hackers-tricked-into-attacking-decoy-target


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)