Summary: A suspected Ukraine-linked hacker group, Sticky Werewolf, is targeting Russian scientific and industrial enterprises through a new cyber-espionage campaign. The group has been using fraudulent emails that appear to come from Russia’s Ministry of Industry and Trade to deliver malware, specifically the Ozone remote access trojan. This campaign highlights the ongoing cyber conflict between Ukraine and Russia, with Sticky Werewolf being one of the most active threat actors against Russian entities.
Threat Actor: Sticky Werewolf | Sticky Werewolf
Victim: Russian scientific and industrial enterprises | Russian scientific and industrial enterprises
Keypoints :
- Sticky Werewolf targets government agencies, research institutes, and industrial enterprises in Russia, Poland, and Belarus.
- The group uses tactics such as phishing emails containing malicious attachments to deploy remote access malware.
- Previous attacks by the group included targeting a pharmaceutical company and a microbiology research institute in Russia.
Source: https://therecord.media/suspected-ukraine-hackers-russian-phishing