mirror of
https://github.com/MISP/misp-galaxy.git
synced 2024-11-27 01:07:18 +00:00
[threat-actors] Add UAC-0050
This commit is contained in:
parent
228bbcc21d
commit
47f0b31a32
1 changed files with 13 additions and 0 deletions
|
@ -13744,6 +13744,19 @@
|
||||||
},
|
},
|
||||||
"uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
|
"uuid": "d869486a-ec70-4a74-897e-31aa7b3df48d",
|
||||||
"value": "UAC-0118"
|
"value": "UAC-0118"
|
||||||
|
},
|
||||||
|
{
|
||||||
|
"description": "UAC-0050 is a threat actor that has been active since 2020, targeting government agencies in Ukraine. They have been distributing the Remcos RAT malware through phishing campaigns, using tactics such as impersonating the Security Service of Ukraine and sending emails with malicious attachments. The group has also been linked to other hacking collectives, such as UAC-0096, and has previously used remote administration tools like Remote Utilities. The motive behind their attacks is likely espionage.",
|
||||||
|
"meta": {
|
||||||
|
"refs": [
|
||||||
|
"https://cert.gov.ua/article/3931296",
|
||||||
|
"https://socprime.com/blog/remcos-rat-detection-uac-0050-hackers-launch-phishing-attacks-impersonating-the-security-service-of-ukraine/",
|
||||||
|
"https://socprime.com/blog/new-phishing-attack-detection-attributed-to-the-uac-0050-and-uac-0096-groups-spreading-remcos-spyware/",
|
||||||
|
"https://cert.gov.ua/article/3804703"
|
||||||
|
]
|
||||||
|
},
|
||||||
|
"uuid": "e3ff56b6-2663-46bd-9e5c-017a350896d9",
|
||||||
|
"value": "UAC-0050"
|
||||||
}
|
}
|
||||||
],
|
],
|
||||||
"version": 295
|
"version": 295
|
||||||
|
|
Loading…
Reference in a new issue