Hackers have targeted Ukrainian defense organizations and the military-industrial complex in a series of phishing attacks using the UAC-0185 (aka UNC4221) group.
CERT-UA issued a security alert notifying cyber defenders of the attacks, which masquerade the sender as the Ukrainian Union of Industrialists and Entrepreneurs (UUIE).
The attacks involve email spoofing and lures recipients with invitations to a conference on transitioning Ukraine's defense industry products to NATO standards.
The UAC-0185 group is known for credential theft, remote access to military systems, and the use of custom tools like MESHAGENT and UltraVNC.