CyberSecurity news

FlagThis

@malware.news //

UAT-5647 Targets Ukrainian and Polish Entities with RomCom Malware Variants


Share: bluesky twitterx--v2 facebook--v1 threads


References :
  • malware.news: UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
  • Cisco Talos Blog: UAT-5647: RomCom malware variants
  • cert.gov.ua: This article discusses the threat posed by RomCom to Ukrainian entities.
  • Unit 42: This research paper details the various components of the RomCom malware.
  • www.cisco.com: UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants
  • thehackernews.com: The Hacker News article on RomCom attacks against Ukrainian entities
  • attack.mitre.org: UAT-5647, a Russian-speaking threat actor group, is targeting Ukrainian and Polish entities with various malware variants
  • signup.duo.com: UAT-5647, a Russian-speaking threat actor group, is targeting Ukrainian and Polish entities with various malware variants
  • www.snort.org: UAT-5647, a Russian-speaking threat actor group, is targeting Ukrainian and Polish entities with various malware variants
  • ciso2ciso.com: This news reports that a new variant of SingleCamper RAT has been used in attacks targeting Ukrainian government entities.
  • ciso2ciso.com: The Russian-linked RomCom group has been targeting Ukrainian government agencies since late 2023, deploying a new SingleCamper RAT variant. The group uses malicious spear-phishing messages to distribute the MeltingClaw and RustyClaw downloaders, ultimately leading to the deployment of the SingleCamper trojan, a remote access tool.
  • malware.news: This article outlines the RomCom group’s new campaign targeting Ukrainian government agencies and individuals in Poland, detailing the malware variants used.
  • thehackernews.com: The RomCom group's attack involves spear-phishing messages that deliver the MeltingClaw and RustyClaw downloaders, which in turn deploy the ShadyHammock and DustyHammock backdoors, ultimately leading to the deployment of the SingleCamper Trojan.
  • www.scworld.com: This brief summarizes the RomCom group’s new campaign, emphasizing the use of spear-phishing and the deployment of the SingleCamper trojan.
  • social.skynetcloud.site: This social media post mentions the RomCom group’s new campaign targeting Ukrainian government agencies and highlights the SingleCamper RAT variant.
  • social.skynetcloud.site: Russia-linked RomCom group targeted Ukrainian government agencies since late 2023 – Source: securityaffairs.com
Classification:
  • HashTags: #malware #ukraine #cybersecurity
  • Target: Ukrainian government entities and Polish entities
  • Attacker: UAT-5647
  • Malware: SingleCamper
  • Type: Malware
  • Severity: Major