Shuckworm Continues Cyber-Espionage Attacks Against Ukraine
The Russia-linked Shuckworm group (aka Gamaredon, Armageddon) is continuing to conduct cyber-espionage attacks against targets in Ukraine. Over the course of recent months, Symantec’s Threat Hunter Team, a part of Broadcom Software, has found evidence of attempted attacks against a number of organizations in the country.
REFERENCE:
TAGS:
ADVERSARY:
TARGETED COUNTRY:
MALWARE FAMILIES:
Pterodo, Pteranodon
ATT&CK IDS:
T1053 - Scheduled Task/Job, T1219 - Remote Access Software, T1566 - Phishing, TA0005 - Defense Evasion, T1021.005 - VNC, T1091 - Replication Through Removable Media
Link : https://otx.alienvault.com/pulse/61f817a8ab6a312fb2a4313d
Link : https://otx.alienvault.com/pulse/61f817a8ab6a312fb2a4313d
*Beware click the link!