Cyber Incident Victim: OJSC Galichpharm
Date: Jan 2023
Location: Ukraine
Summary
The People's CyberArmy conducted cyber operations against JSC Galichpharm, a pharmaceutical manufacturer specializing in finished medicines and herbal extraction-based phyto-chemical substances for veterinary applications, particularly swine. The attack targeted production infrastructure supporting medication development and phytochemical processing, though specific technical impacts or disruption timelines remain unspecified in available disclosures. This incident reflects broader threat actor interest in pharmaceutical supply chain vulnerabilities.
Description
On January 18, 2023, the pro-Russian hacktivist group CyberArmyofRussia_Reborn claimed responsibility for a cyberattack targeting OJSC Galichpharm, a pharmaceutical manufacturer specializing in finished medicines and phytochemical substances derived from herbal extracts for veterinary use, particularly in swine. The group announced the attack through a post on their Telegram channel, identifying the company as their "target for the evening" without specifying the exact timing or duration of the intrusion. No technical details regarding attack vectors—such as malware deployment, phishing tactics, or exploitation methods—were disclosed in the group's public statement. The announcement lacked information about the operational impact on Galichpharm's production facilities, supply chain, or research activities. Similarly, the group did not describe whether data exfiltration occurred, what systems were compromised, or whether ransomware or destructive payloads were deployed.

Available evidence does not indicate whether Galichpharm detected the intrusion independently, initiated incident response protocols, or engaged external cybersecurity experts for containment and recovery. No public statements from the company regarding operational disruptions, data breaches, or financial losses have been documented in the provided source material. The absence of corroborating reports from independent cybersecurity researchers or government agencies leaves the scope and severity of the incident unverified beyond the attacker's claim. Third-party telemetry or forensic analyses of network traffic, system logs, or malware signatures associated with the event were not referenced in the source. The attack's strategic context aligns with broader hacktivist campaigns targeting entities in sectors deemed economically or symbolically significant during geopolitical conflicts, though no explicit motive beyond the targeting declaration was articulated by the threat actors.
