Summary: The APT group UAC-0063 has expanded its cyber operations to target embassies across Europe, leveraging compromised documents to distribute malware like HATVIBE. Initially focused on Central Asian government entities, the group has now been linked to various attacks across Europe and is suspected of being connected to Russian state-sponsored activities. Recent findings from cybersecurity firms indicate ongoing and evolving tactics, including the use of advanced data exfiltration tools and keyloggers.
Affected: Government organizations and embassies in Europe, Central Asia, and East Asia
Keypoints:
- UAC-0063 has shifted its targeting from Central Asia to European embassies, using legitimate documents for spear phishing.
- The group has been linked to multiple malware types, including DownEx, HATVIBE, and a newly discovered USB exfiltrator PyPlunderPlug.
- The stability and sophisticated functionality of tools like DownExPyer suggest a mature and persistent threat, likely aligned with Russian strategic interests.
Source: https://thehackernews.com/2025/01/uac-0063-expands-cyber-attacks-to.html