The Computer Emergency Response Team of Ukraine (CERT-UA) reports that the threat actor group UAC-0184 is increasingly using popular messengers and social engineering in 2024 to target the Ukrainian military, and steal documents/messenger data (e.g. Signal). Malware delivered include IDAT, RemcosRAT, VIOTTOKEYLOGGER, XWorm, SIGTOP and TUSC. A lot of IOC provided, and images depict infection chains or lure messages. 🔗 (Ukrainian language) https://cert.gov.ua/article/6278521

#CERTUA #UAC0184 #Ukraine #cyberespionage #threatintel #IOC #RemcosRAT #IDAT #xworm

#IDAT Loader used to infect a #Ukraine entity in #Finland with #Remcos RAT
https://securityaffairs.com/159650/cyber-crime/idat-loader-ukraine-entity-remcos-rat.html
#securityaffairs #malware