Tag: CERTUA

UAC-0056 Threat Actors Deliver Cobalt Strike Beacon Malware in Yet Another Phishing Campaign Against Ukraine
UAC-0056 Threat Actors Deliver Cobalt Strike Beacon Malware in Yet Another Phishing Campaign Against Ukraine

Hot on the heels of the cyber-attack on July 5 targeting Ukrainian state bodies and attributed to the notorious UAC-0056 hacking collective, yet another malicious campaign launched by this group causes a stir in the cyber domain. On July 11, 2022, cybersecurity researchers at CERT-UA warned the global community of an ongoing phishing attack leveraging […]

Read More
Cobalt Strike Beacon Malware Detection: A New Cyber-Attack on Ukrainian Government Organizations Attributed to the UAC-0056 Group
Cobalt Strike Beacon Malware Detection: A New Cyber-Attack on Ukrainian Government Organizations Attributed to the UAC-0056 Group

The notorious Cobalt Strike Beacon malware has been actively distributed by multiple hacking collectives in spring 2022 as part of the ongoing cyber war against Ukraine, mainly leveraged in targeted phishing attacks on Ukrainian state bodies. On July 6, 2022, CERT-UA released an alert warning of a new malicious email campaign targeting Ukrainian government entities. […]

Read More
DarkCrystal RAT Detection: Russia-Affiliated APT Targets Ukrainian Telecom Companies
DarkCrystal RAT Detection: Russia-Affiliated APT Targets Ukrainian Telecom Companies

On June 24, 2022, CERT-UA warned about a new malicious campaign targeting telecommunication providers in Ukraine. According to the investigation, russia-linked adversaries launched a massive phishing campaign delivering DarkCrystal remote access Trojan (RAT), able to perform reconnaissance, data theft, and code execution on the affected instances. The malicious activity is tracked as UAC-0113, which with […]

Read More
CVE-2021-40444 and CVE-2022-30190 Exploit Detection: Cobalt Strike Beacon Delivered in a Cyber-Attack on Ukrainian State Bodies
CVE-2021-40444 and CVE-2022-30190 Exploit Detection: Cobalt Strike Beacon Delivered in a Cyber-Attack on Ukrainian State Bodies

Just two days after the nefarious CVE-2022-30190 aka Follina was revealed, security researchers report in-the-wild attacks leveraging the exploits to target state institutions of Ukraine. On June 2, 2022, CERT-UA issued a heads-up warning of an ongoing campaign spreading Cobalt Strike Beacon malware by exploiting Windows CVE-2021-40444 and CVE-2022-30190 zero-day vulnerabilities, which have been recently in […]

Read More