Today > | 1 Medium vulnerabilities   -   You can now download lists of IOCs here!

Tag: army+

1 attack reports | 0 vulnerabilities

Attack reports

Cyberattack: UAC-0125 using the theme "Army+" (CERT-UA#12559)

A cyber attack attributed to UAC-0125 has been identified, involving websites mimicking the official 'Army+' app page. These sites, hosted on Cloudflare Workers, prompt users to download a malicious executable. The EXE file, an NSIS installer, contains a decoy .NET file, Python interpreter, Tor fil…

sandworm
openssh
cloudflare workers
nsis
tor
2024-12-20
apt44
uac-0125
army+
Published: December 20, 2024

Downloadable IOCs 6

» Click here to see all Attack Reports «