Russian govt hackers hit Ukraine with Cobalt Strike, CredoMap malware

The Ukrainian Computer Emergency Response Team (CERT) is warning that Russian hacking groups are exploiting the Follina code execution vulnerability in new phishing campaigns to install the CredoMap malware and Cobalt Strike beacons.

The APT28 hacking group is believed to be sending emails containing a malicious document name “Nuclear Terrorism A Very Real Threat.rtf.”. The threat actors selected the topic of this email to entice recipients to open it, exploiting the fear that’s spread among Ukrainians about a potential nuclear attack.

Threat actors also used a similar tactic in May 2022, when CERT-UA identified the dissemination of malicious documents warning about a chemical attack.

Read more…
Source: Bleeping Computer