| Category | Details |
|---|---|
| Threat Actors | Sticky Werewolf (suspected pro-Ukraine cyberespionage or hacktivist group). |
| Campaign Overview | Targeting Russian scientific and industrial enterprises via phishing emails impersonating government ministries. |
| Target Regions (Victims) | Russia, with previous campaigns targeting enterprises in Poland and Belarus. |
| Methodology | Phishing emails impersonating Russian ministries; delivery of malicious archives containing malware. |
| Product Targeted | Scientific research and industrial sectors, defense industries. |
| Malware Reference | Ozone RAT, Darktrack RAT, Glory Stealer, MetaStealer. |
| Tools Used | Remote access trojans (RATs), stealer malware, phishing emails. |
| Vulnerabilities Exploited | Human error via phishing; lack of verification of email authenticity. |
| TTPs | Phishing with spoofed emails, malware delivery, remote access, credential theft. |
| Attribution | Suspected pro-Ukraine group; exact attribution uncertain due to limited evidence. |
| Recommendations | Strengthen email security measures, verify sender identities, train staff on phishing awareness, deploy anti-malware solutions. |
| Source | The Record |

Read full article: https://therecord.media/suspected-ukraine-hackers-russian-phishing

The above summary has been generated by an AI language model.