Today > 1 Critical | 5 High | 21 Medium vulnerabilities   -   You can now download lists of IOCs here!

CERT-UA Report: UAC-0198: Mass distribution of ANONVNC (MESHAGENT) among government organizations of Ukraine

Aug. 13, 2024, 9:13 a.m.

Description

According to the report, cyber operations related to the ongoing military conflict between Russia and Ukraine are ongoing. The report highlights the potential risks and threats posed by Russian state-sponsored actors, including the deployment of wiper malware, distributed denial-of-service (DDoS) attacks, and data leaks targeting Ukrainian government and critical infrastructure organizations. It also warns of the possibility of collateral impact on other countries and sectors due to the interconnected nature of cyberspace.

Date

Published: Aug. 13, 2024, 8:50 a.m.

Created: Aug. 13, 2024, 8:50 a.m.

Modified: Aug. 13, 2024, 9:13 a.m.

Indicators

a7297883de84d73fb4965c00228144a0e53c573ad3b7291be39bc6d9c284454c

4c4872202abb5a60a8764bf44b370578a2b3d6f449b3881e96cc38f1b55f9cda

02ec55a5a2ad775adccd333edd94ac0bd82129a233736f7240044e085b73b0b3

66.94.109.162

66.94.104.4

186.2.171.76

http://gbshost.net/

http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox2/scan_docs#40562153.msi

http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox2/

http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox/

http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/1.../

http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/.........../

chafik.zaalouk@ac-strasbourg.fr

sync.smartcloudflare.com

sync.smart-vnc.com

sync.invoice-traffic.com

sync.hiddenvnc.com

sync.anonvnc.com

syn.hiddenvnc.com

smartcloudflare.com

smart-vnc.com

invoice-traffic.com

hiddenvnc.com

gbshost.org

gbshost.net

anonvnc.com

Attack Patterns

T1565

T1486

T1547

T1082

T1083

T1499

T1485

T1562

T1090

Additional Informations

Ukraine