Socprime


UAC-0050 Attack Detection: russia-Backed APT Performs Cyber Espionage, Financial Crimes, and Disinformation Operations Against Ukraine

  • The UAC-0050 hacking collective, known for its extensive offensive operations against Ukraine, is back in the cyber threat arena.
  • The UAC-0050 group focuses on three key directions: cyber espionage, financial crimes, and disinformation operations tracked under the “Fire Cells Group” brand.
  • Organizations require reliable detection resources to proactively defend against potential intrusions as cyber-attacks by Russia-affiliated hacking collectives against Ukrainian entities become more frequent and sophisticated.
  • SOC Prime Platform equips security teams with the entire detection stack to proactively thwart cyber-attacks covered in the related CERT-UA research.
  • Financially motivated cyber crimes, which were recently observed, are also affiliated with the UAC-0006 hacking group.
  • UAC-0050 is a Russia-linked hacking group that primarily targets Ukrainian state bodies, using phishing campaigns to distribute Remcos RAT malware, often posing as the Security Service of Ukraine and sending emails with malicious attachments.
  • UAC-0050 mainly focuses on cyber espionage, financially motivated threats, and the “Fire Cells Group” brand's cyber activity, as observed in a recent CERT-UA report.
  • In the past few months, UAC-0050 made at least 30 attempts to gain unauthorized access to accountants' computers using REMCOS/TEKTONITRMS software in order to steal funds.
  • To mitigate UAC-0050 attacks, financial institution clients are advised to implement technical methods to verify payment actions, including using additional authentication through a mobile app.
  • Leveraging MITRE ATT&CK provides detailed insight into the context of the most offensive operations associated with UAC-0050, and SOC Prime has a comprehensive set of dedicated Sigma rules addressing the corresponding ATT&CK tactics, techniques, and sub-techniques.
