alt Hacker NewsFair point. Just because a domain is registered in Ukraine doesn't mean it's acting in Ukraine's interests. But that works both ways. If Russian actors can operate from Ukraine, then Ukrainian actors (or others) can also operate from Russia, or at least make it look that way. Cyber attacks originating from Ukraine and targeting Russia aren't uncommon either, which only adds to the complexity of attribution.
The issue isn't just attribution but also affiliation. When similar attacks come from Ukraine targeting Russia, Google stays quiet. I understand that Russia invaded Ukraine, not the other way around, but given the complexity of the conflict, aligning with one side in cyber warfare reporting is a questionable move. At the end of the day, attacks will come from both sides - it's a war, after all.
Edit: when I say 'questionable move', I'm specifically referring to Google. It's unclear what they were trying to achieve with this article, is it a political statement or just a marketing piece showcasing how good GTIG is? Or both?
Ukrainian military are moving from Telegram, which presumably still has some ties to Russia despite the claims. And this is yet another phishing campaign in Ukrainian language that makes use of Ukrainian-registered domains to host fake Signal group invites to make Ukrainian military join and link their devices to an adversary-controlled machine. Who might be behind that attack? Hmm, let me think... I don't know! Probably Ukrainians themselves. Or it might be the US. Might as well be the Martians. We will never know the real truth, after all nobody is to be trusted during the war!
Stop the tiresome FUD please. This war is surprisingly straightforward by the standards of the last century, it's literally out of some decades-old textbook. Let's not drag this discussion here again. If you have specific issues with Google's attribution here, please state them, HN is pretty aware that attribution can be shaky. My only gripe with the article is the clickbait title: nobody says that someone is "targeting e-mail" about e-mail phishing.