Russian technology and defense-linked companies have been targeted in recent weeks by a cyber espionage campaign that used AI-generated decoy documents, according to cybersecurity firm Intezer. The operation focused on firms involved in air defense systems, sensitive electronics and other military applications, highlighting how accessible AI tools are increasingly being leveraged in sophisticated hacking efforts.

Researchers attribute the campaign to a hacking group known as “Paper Werewolf,” also tracked as GOFFEE, which has been active since 2022 and is widely believed to be pro-Ukrainian. The group reportedly used fake documents—such as invitations to concerts for senior officers and official-looking requests from Russian ministries—to trick targets into opening malicious files. Analysts say the campaign offers rare visibility into cyber espionage operations aimed at Russian entities, which are often difficult to observe.

Experts note that while such attacks are not unusual amid the ongoing Russia-Ukraine war, the use of AI-generated content significantly lowers the barrier to executing complex cyber operations. The targeting of major defense contractors suggests an interest in Russia’s military production, supply chains and research activities. While Intezer linked the operation to Paper Werewolf based on technical indicators, it remains unclear whether the hackers were working directly with a nation-state or collaborating with other pro-Ukrainian cyber groups.

Pic courtesy: google/ images are subject to copyright