Malpedia Library

Click here to download all references as Bib-File.•

2025-04-06 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Target espionage activity UAC-0226 in relation to the centers of innovation, state and law enforcement services using the GIFTEDCROOK (CERT-UA#14303)
GIFTEDCROOK UAC-0226

2025-04-01 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0219: Cyber espionage using PowerShell stealer WRECKSTEEL (CERT-UA#14283)
WRECKSTEEL UAC-0219 UAC-0226

2024-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted cyberattacks UAC-0185 in relation to the Defense Forces and enterprises of defense systems of Ukraine (CRT-UA#12414)
UAC-0185

2024-10-24 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Accounts in service UAC-0218: file theft using HOMESTEEL (CERT-UA#11717)
HOMESTEEL UAC-0215

2024-07-21 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0063 Attacks Research Institutions of Ukraine: HATVIBE + CHERRYSPY + CVE-2024-23692 (CERT-UA#10356)
HATVIBE

2024-06-05 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0020 (Vermin) attacks the Defense Forces of Ukraine using the SPECTR SPZ in tandem with the legitimate SyncThing ("SickSync" campaign) (CERT-UA#9934)
UAC-0020

2024-06-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0200: Targeted cyberattacks using DarkCrystal RAT and Signal as a trusted distribution vehicle (CERT-UA#9918)
DCRat

2024-04-19 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0133 (Sandworm) plans for cyber sabotage on almost 20 objects of critical infrastructure of Ukraine
Kapeka reGeorg

2024-04-18 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0149 cyberattack exploiting Signal, CVE-2023-38831 vulnerability, and COOKBOX malware (CERT-UA#9522)
COOKBOX

2024-02-26 ⋅ SOC Prime ⋅ Veronika Telychko
UAC-0149 Attack Detection: Hackers Launch a Targeted Attack Against the Armed Forces of Ukraine, as CERT-UA Reports
COOKBOX UAC-0149

2024-02-24 ⋅ Cert-UA ⋅ Cert-UA
UAC-0149: Targeted selective attacks against the Defense Forces of Ukraine using COOKBOX (CETRT-UA#9204)
COOKBOX UAC-0149

2023-12-28 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28: From initial attack to creating threats to a domain controller in an hour
STEELHOOK MASEPIE OCEANMAP

2023-12-07 ⋅ ⋅ Cert-UA ⋅ Cert-UA
UAC-0050 mass cyberattack using RemcosRAT/MeduzaStealer against Ukraine and Poland (CERT-UA#8218)
Meduza Stealer Remcos

2023-10-15 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Peculiarities of destructive cyber attacks against Ukrainian providers (CERT-UA#7627)
Poseidon UAC-0006

2023-09-04 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 cyberattack: msedge as a bootloader, TOR and mockbin.org/website.hook services as a control center (CERT-UA#7469)

2023-07-18 ⋅ Cert-UA ⋅ Cert-UA
Targeted Turla attacks (UAC-0024, UAC-0003) using CAPIBAR and KAZUAR malware (CERT-UA#6981)
DeliveryCheck Kazuar

2023-07-07 ⋅ Cert-UA ⋅ Cert-UA
UAC-0057 Targeted Cyber Attack Against Government Agencies Using PicassoLoader/njRAT (CERT-UA#6948)
PicassoLoader Ghostwriter

2023-06-20 ⋅ ⋅ Cert-UA ⋅ Cert-UA
APT28 group used three Roundcube exploits (CVE-2020-35730, CVE-2021-44026, CVE-2020-12641) during another espionage campaign (CERT-UA#6805)

2023-06-19 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Targeted UAC-0102 cyber attacks against UKR.NET service users (CERT-UA#6858)
UAC-0102

2023-05-22 ⋅ ⋅ Cert-UA ⋅ Cert-UA
Espionage activity of UAC-0063 against Ukraine, Kazakhstan, Kyrgyzstan, Mongolia, Israel, India (CERT-UA#6549)
UAC-0063