Gandalf_The_Grey
Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
- Apr 24, 2016
- 7,189
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.
APT28, aka Fancy Bear or Strontium, is a Russian state-sponsored threat actor known for targeting government entities, businesses, universities, research institutes, and think tanks in Western countries and NATO orgs. The hacking group is known to employ phishing campaigns and exploit zero-day vulnerabilities in widely used software.
The latest campaign targeting Ukraine took place between December 15 and 25, 2023, utilizing phishing emails urging recipients to click on a link supposedly to view an important document.
The links redirect victims to malicious web resources that employ JavaScript to drop a Windows shortcut file (LNK) that launches PowerShell commands to trigger an infection chain for a new Python malware downloader called 'MASEPIE.'
Russian military hackers target Ukraine with new MASEPIE malware
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.
www.bleepingcomputer.com