Malpedia Library

Click here to download all references as Bib-File.•

2024-10-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Accounts in service UAC-0218: file theft using HOMESTEEL (CERT-UA#11717)
HOMESTEEL UAC-0215

2024-06-05 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR SPZ in tandem with the legitimate SyncThing ("SickSync" campaign) (CERT-UA#9934)
UAC-0020

2024-06-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0200: Targeted cyberattacks using DarkCrystal RAT and Signal as a trusted distribution vehicle (CERT-UA#9918)
DCRat

2024-04-19 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine
Kapeka reGeorg

2024-04-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0149 cyberattack exploiting Signal, CVE-2023-38831 vulnerability, and COOKBOX malware (CERT-UA#9522)
COOKBOX

2023-12-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28: From initial attack to creating threats to a domain controller in an hour
STEELHOOK MASEPIE OCEANMAP

2023-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0050 mass cyberattack using RemcosRAT/MeduzaStealer against Ukraine and Poland (CERT-UA#8218)
Meduza Stealer Remcos

2023-10-15 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)
Poseidon UAC-0006

2023-09-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)

2023-07-18 ⋅ Cert-UA ⋅ Cert-UA
Targeted Turla attacks (UAC-0024, UAC-0003) using CAPIBAR and KAZUAR malware (CERT-UA#6981)
DeliveryCheck Kazuar

2023-07-07 ⋅ Cert-UA ⋅ Cert-UA
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT (CERT-UA#6948)
PicassoLoader Ghostwriter

2023-06-20 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805)

2023-06-19 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted UAC-0102 cyber attacks against UKR.NET service users (CERT-UA#6858)
UAC-0102

2023-05-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Espionage activity of UAC-0063 against Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Israel, India (CERT-UA#6549)
UAC-0063

2023-04-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: distribution of emails with "instructions" on "updating the operating system" (CERT-UA#6562)
Mocky LNK

2023-02-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack of the group UAC-0050 (UAC-0096) using the Remcos program (CERT-UA#6011)
Remcos UAC-0050

2023-02-13 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack on organizations and institutions of Ukraine using the Remote Utilities program (CERT-UA#5961)

2023-02-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0050 cyber attack against the state bodies of Ukraine using the program for remote control and surveillance Remcos (CERT-UA#5926)
Remcos UAC-0050

2023-01-27 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack on the Ukrinform information and communication system
CaddyWiper

2022-12-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Cyber attack on DELTA system users using RomCom/FateGrab/StealDeal malware (CERT-UA#5709)
ROMCOM RAT