EN
  • Cyber stability
  • Secops
  • Risks management
  • Digital transformation
  • Digital Sovereignty
  • Cybercrime
  • Industry and OT
  • Fraud
  • Digital identity
  • Cyber +
    • Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets
    • Home
    • Cyber stability
    • Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets

    Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets

    Written by
    The Editorial Team
    05.11.26
    Cyber stability
    01
    MIN
    Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets
    Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets
    Ukrainian hacktivist groups BO Team and Head Mare cooperate against Russian targets
    Image Is the Cybersecurity World Heading Toward Its Own SaaSpocalypse?
    Cyber stability
    05.06.26 Cyber stability
    Next article
    Is the Cybersecurity World Heading Toward Its Own SaaSpocalypse?
    Read
    09
    MIN
    Image Mythos: Pandora's Box or Marketing Stunt?
    Cyber stability
    04.27.26 Cyber stability
    Next article
    Mythos: Pandora’s Box or Marketing Stunt?
    Read
    09
    MIN
    Image Facing Digital Dependence: Europe’s Wake-Up Call?
    Cyber stability
    04.13.26 Cyber stability
    Next article
    Facing Digital Dependence: Europe’s Wake-Up Call?
    Read
    08
    MIN
    Image Microsoft Seeks to Strengthen Data Center Protection Against Bombings
    Cyber stability
    04.10.26 Cyber stability
    Next article
    Microsoft Seeks to Strengthen Data Center Protection Against Bombings
    Read
    01
    MIN
    Kaspersky reportedly identified shared infrastructure and tools used by the two organizations.

    Russian cybersecurity company Kaspersky published a report on May 6, 2026, establishing operational links between the Ukrainian hacktivist groups BO Team and Head Mare in attacks targeting Russian entities. Researchers identified several shared infrastructures and tools used by the two groups, in particular command-and-control systems operating from the same compromised host.

    According to Kaspersky, a “likely attack scenario” would involve initial access obtained through Head Mare’s phishing tools, before the deployment of BO Team’s malware. Active since early 2024, BO Team has gradually shifted away from destructive attacks in favor of cyberespionage. In 2026, BO Team targeted 20 Russian organizations, mainly companies in the manufacturing, telecommunications, oil and gas sectors.

    First observed in 2023, Head Mare develops its own malware, including PhantomDL and PhantomCore. The group has specialized in exploiting recently disclosed vulnerabilities to conduct phishing campaigns.

    The Editorial Team
    05.11.26
    Articles by the same author:
    1
    05.11.26 Cyber stability
    Iranian APT group MuddyWater used Chaos ransomware as cover
    Read
    01
    MIN
    2
    05.06.26 Cyber stability
    Australia establishes a commission of inquiry into major cyberattacks
    Read
    01
    MIN
    3
    04.29.26 Cybercrime
    Massive data breach hits Asian football two months before the World Cup
    Read
    01
    MIN
    4
    04.28.26 Digital transformation
    World, Sam Altman’s “proof of humanity,” is coming to Zoom and Tinder
    Read
    02
    MIN
    Image Is the Cybersecurity World Heading Toward Its Own SaaSpocalypse?
    Cyber stability
    05.06.26 Cyber stability
    Next article
    Is the Cybersecurity World Heading Toward Its Own SaaSpocalypse?
    Read
    09
    MIN
    Image Mythos: Pandora's Box or Marketing Stunt?
    Cyber stability
    04.27.26 Cyber stability
    Next article
    Mythos: Pandora’s Box or Marketing Stunt?
    Read
    09
    MIN
    Image Facing Digital Dependence: Europe’s Wake-Up Call?
    Cyber stability
    04.13.26 Cyber stability
    Next article
    Facing Digital Dependence: Europe’s Wake-Up Call?
    Read
    08
    MIN
    Image Microsoft Seeks to Strengthen Data Center Protection Against Bombings
    Cyber stability
    04.10.26 Cyber stability
    Next article
    Microsoft Seeks to Strengthen Data Center Protection Against Bombings
    Read
    01
    MIN
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.
    Stay tuned in real time
    Subscribe to
    the newsletter
    By providing your email address you agree to receive the Incyber newsletter and you have read our privacy policy. You can unsubscribe at any time by clicking on the unsubscribe link in all our emails.