Malware News Russian military hackers target Ukraine with new MASEPIE malware

Gandalf_The_Grey

Level 82
Thread author
Verified
Honorary Member
Top Poster
Content Creator
Well-known
Apr 24, 2016
7,189
Ukraine's Computer Emergency Response Team (CERT) is warning of a new phishing campaign that allowed Russia-linked hackers to deploy previously unseen malware on a network in under one hour.

APT28, aka Fancy Bear or Strontium, is a Russian state-sponsored threat actor known for targeting government entities, businesses, universities, research institutes, and think tanks in Western countries and NATO orgs. The hacking group is known to employ phishing campaigns and exploit zero-day vulnerabilities in widely used software.

The latest campaign targeting Ukraine took place between December 15 and 25, 2023, utilizing phishing emails urging recipients to click on a link supposedly to view an important document.

The links redirect victims to malicious web resources that employ JavaScript to drop a Windows shortcut file (LNK) that launches PowerShell commands to trigger an infection chain for a new Python malware downloader called 'MASEPIE.'
 

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

User Menu

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top