CERT-UA Report: UAC-0198: Mass distribution of ANONVNC (MESHAGENT) among government organizations of Ukraine
Aug. 13, 2024, 9:13 a.m.
Tags
External References
Description
According to the report, cyber operations related to the ongoing military conflict between Russia and Ukraine are ongoing. The report highlights the potential risks and threats posed by Russian state-sponsored actors, including the deployment of wiper malware, distributed denial-of-service (DDoS) attacks, and data leaks targeting Ukrainian government and critical infrastructure organizations. It also warns of the possibility of collateral impact on other countries and sectors due to the interconnected nature of cyberspace.
Date
Published: Aug. 13, 2024, 8:50 a.m.
Created: Aug. 13, 2024, 8:50 a.m.
Modified: Aug. 13, 2024, 9:13 a.m.
Indicators
a7297883de84d73fb4965c00228144a0e53c573ad3b7291be39bc6d9c284454c
4c4872202abb5a60a8764bf44b370578a2b3d6f449b3881e96cc38f1b55f9cda
02ec55a5a2ad775adccd333edd94ac0bd82129a233736f7240044e085b73b0b3
66.94.109.162
66.94.104.4
186.2.171.76
http://gbshost.net/
http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox2/scan_docs#40562153.msi
http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox2/
http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/tox/
http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/1.../
http://filedn.eu/lodwtgn8sswha6pn8hxwe1j/.........../
chafik.zaalouk@ac-strasbourg.fr
sync.smartcloudflare.com
sync.smart-vnc.com
sync.invoice-traffic.com
sync.hiddenvnc.com
sync.anonvnc.com
syn.hiddenvnc.com
smartcloudflare.com
smart-vnc.com
invoice-traffic.com
hiddenvnc.com
gbshost.org
gbshost.net
anonvnc.com
Attack Patterns
T1565
T1486
T1547
T1082
T1083
T1499
T1485
T1562
T1090
Additional Informations
Ukraine