top of page
Search
Writer's pictureStormsec

Shuckworm: Russia-Linked Group Maintains Ukraine Focus

Recent Shuckworm activity observed and aimed at Ukraine appears to be delivering information-stealing malware to targeted networks. This activity was ongoing as recently as August 8, 2022 and much of the activity observed in this campaign is consistent with activity that was highlighted by CERT-UA on July 26.




ADVERSARY: Gamaredon Group


TARGETED COUNTRY: Ukraine


MALWARE FAMILY: Giddome


ATT&CK IDS: T1113 - Screen Capture, T1059 - Command and Scripting Interpreter, T1036 - Masquerading, T1119 - Automated Collection, T1218.005 - Mshta, T1020 - Automated Exfiltration, T1041 - Exfiltration Over C2 Channel


Read More:

1 view

Comments


Commenting has been turned off.
bottom of page