Summary: A recent Intrinsec report highlights the operations of Russian-aligned intrusion sets UAC-0050 and UAC-0006, which are conducting spam campaigns motivated by financial theft and cyber espionage targeting Ukraine and its allies. Their activities include a mix of phishing, malware delivery, and psychological warfare, utilizing resilient infrastructure linked to shadowy hosting providers. The report sheds light on a concerning blend of cybercrime and state-sponsored operations as these groups adapt their tactics to increase their effectiveness.
Affected: Entities in Ukraine and its allies
Key points:
- UAC-0050 focuses on financial theft, attempting to siphon funds from Ukrainian businesses through sophisticated scams.
- Both UAC-0050 and UAC-0006 leverage bulletproof hosting services to sustain their cybercriminal activities.
- The psychological operations executed by UAC-0050 include sending threatening emails and engaging in disinformation to foster fear and political unrest.
- UAC-0006’s operations primarily target financial institutions, using malware delivery methods that exploit vulnerabilities.
- Their activities exemplify the merging of traditional cybercrime with state-sponsored espionage tactics.