Several threat actors have taken advantage of the war in Ukraine to launch a number of cyber attacks. The Malwarebytes Threat Intelligence team is actively monitoring these threats and has observed activities associated with the geopolitical conflict.
More specifically, we’ve witnessed several APT actors such as Mustang Panda, UNC1151 and SCARAB that have used war-related themes to target mostly Ukraine. We’ve also observed several different wipers and cybercrime groups such as FormBook using the same tactics. Beside those known groups we saw an actor that used multiple methods to deploy a variants of Quasar Rat. These methods include using documents that exploit CVE-2017-0199 and CVE-2021-40444, macro-embedded documents, and executables. New spear phishing campaign targets Russian dissidents
Rascals are always sociable, and the chief sign that a man has any nobility in his character is the little pleasure he takes in others company. Arthur Schopenhauer