
FlyingYeti

aka: Flying Yeti, Storm-1837

FlyingYeti is a Russia-aligned threat actor targeting Ukrainian military entities. They conduct reconnaissance activities and launch phishing campaigns using malware like COOKBOX. FlyingYeti exploits the WinRAR vulnerability CVE-2023-38831 to infect targets with malicious payloads. Cloudforce One has successfully disrupted their operations and provided recommendations for defense against their phishing campaigns.


Associated Families

There are currently no families associated with this actor.


References
2024-12-11, Microsoft, Microsoft Threat Intelligence
Frequent freeloader part II: Russian actor Secret Blizzard using tools of other groups to attack Ukraine
Amadey Kazuar Wipbot FlyingYeti
2024-05-30, Cloudflare, Cloudforce One
Disrupting FlyingYeti's campaign targeting Ukraine
FlyingYeti

Credits: MISP Project