Pro-Ukraine BO Team and Head Mare hackers appear to team up in attacks against Russia

BO Team and Head Mare are reported to be coordinating cyber operations against Russian and Belarusian targets, with Kaspersky identifying overlapping infrastructure and toolsets; BO Team has shifted toward covert espionage and in Q1 2026 targeted 20 organizations across manufacturing, telecommunications, and oil & gas using phishing and backdoors (BrockenDoor, Remcos, DarkGate) while Head Mare employs custom malware (PhantomDL, PhantomCore).