| SYMBOL | COMMON_NAME | aka. SYNONYMS |
UNG0901 is a cyber-espionage threat actor targeting Russian entities, particularly in the aerospace and defense sectors, utilizing spear-phishing tactics. They deploy the EAGLET backdoor, which exhibits functionalities similar to the Golang-based PhantomDL used by the Head Mare group, including shell, download, and upload capabilities. Notable overlaps in file-naming conventions and targeting strategies further reinforce the connection between UNG0901 and Head Mare.
There are currently no families associated with this actor.
| 2025-07-23
⋅
Seqrite
⋅
Operation CargoTalon : UNG0901 Targets Russian Aerospace & Defense Sector using EAGLET implant. UNG0901 |