uspected Russian hackers have been targeting Ukrainian military and defense enterprises in a new espionage campaign, according to a new report.
The threat actor behind the campaign, tracked as UAC-0185 by Ukraine’s military computer emergency response team (MIL.CERT-UA), sent phishing emails disguised as invitations to a legitimate defense conference that took place in Kyiv last week.
The group, also known as UNC4221, has been active since at least 2022, primarily targeting Ukrainian military personnel by stealing credentials through messaging apps such as Signal, Telegram and WhatsApp, as well as through local military systems like Delta, Teneta and Kropyva.
In addition to account compromises, the attackers are selectively carrying out cyberattacks to gain unauthorized remote access to the computers of employees within Ukraine's defense-industrial complex and defense forces, according to MIL.CERT-UA.
More Info