← All Threat Actors
Threat Actor Profile

Cyber Serp

UAC-0255
▲ High Threat
CERT-UA Impersonation Campaign
Origin Russia
Motivation Cyber espionage and disruption targeting Ukrainian government and critical infrastructure.

Target Sectors

Ukrainian government organizations Medical centers Security companies Educational institutions Financial institutions Software development firms

Known TTPs

Phishing
Impersonation of trusted authorities (e.g., CERT-UA)
AI-generated phishing websites
Remote Access Trojan (RAT) deployment
Go-language malware development (AGEWHEEZE)
WebSocket C2 communication
Persistence via Windows registry and Scheduled tasks
Use of third-party file-sharing services (Files.fm)

External Resources

CISA Advisories ↗

Related Intelligence

Hacking the mainframe…

LINK COPIED TO CLIPBOARD