Strategic Pivot: From Browser Stealer to Data Exfiltration Platform During Critical Ukraine Negotiations

The cyber-espionage group UAC-0226 has significantly evolved its GIFTEDCROOK malware from a basic browser data stealer to a robust intelligence-gathering tool. Three versions were identified between April-June 2025, with the latest iterations capable of exfiltrating a wide range of sensitive documents. The malware's deployment coincided with critical geopolitical events, particularly Ukraine peace negotiations in Istanbul. GIFTEDCROOK is delivered through spear-phishing emails with military-themed PDF lures, targeting Ukrainian governmental and military institutions. Data exfiltration occurs via Telegram bot channels. The threat actor's sophisticated approach, including crafting context-specific lures and timing attacks with political events, suggests a focus on covert intelligence collection to support diplomatic and military decision-making.

Pulse ID: 685df3bd3136ef01b4913244
Pulse Link: https://otx.alienvault.com/pulse/685df3bd3136ef01b4913244
Pulse Author: AlienVault
Created: 2025-06-27 01:28:29

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Browser #CyberSecurity #Email #Espionage #Government #InfoSec #Malware #Military #OTX #OpenThreatExchange #PDF #Phishing #RAT #SpearPhishing #Telegram #UK #Ukr #Ukraine #Ukrainian #bot #cyberespionage #AlienVault

#King Charles meets with President #Zelenskyy at Windsor Castle #UKR #GBR www.itv.com/news/2025-06...

itv.com/news/2025-06-2...

🔸Denece, c'etait notre Keissiger a nous (donc en encore mieux).
🔸Analyse de Denece avant les elections americaine. (automne 2024)
🔸C'est toujours interessant de confronter ce qui a ete dit ou predit avec ce qui se passe.
🔸Je vous laisse juge.
https://www.youtube.com/watch?v=bN7Xp0PzW5U
#geopolitique #france #fr #politique #histoire
#Israel #iran #IranWar #military #politics
#Actu #Actualités #News #presse #Europe #EU
#lemonde #media #medias #macron #ukraine #ukr #russie

2️⃣ Slovensko do toho! 🇸🇰 A week of #UEFA #Under21Euro #Groundhopping in #Slovakia continued at Štadión Tatran Prešov in #Prešov where, in Group D, #Ukraine were beaten 3-2 by #Denmark (att: 5,458) #UKR🆚#DEN 🇺🇦🆚🇩🇰

Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721

A new wave of Mirai botnet attacks is exploiting CVE-2024-3721 to target TBK DVR devices. The campaign uses a POST request to execute system commands without authorization, downloading and running an ARM32 binary. This Mirai variant includes features like RC4 string encryption, anti-VM checks, and anti-emulation techniques. The malware verifies if it's running in a virtual environment and checks for allowed directories. Infected devices are primarily located in China, India, Egypt, Ukraine, Russia, Turkey, and Brazil. Over 50,000 exposed DVR devices are potentially vulnerable. The botnet's main goal is to conduct DDoS attacks. Updating vulnerable devices and performing factory resets are recommended as protective measures.

Pulse ID: 6842e2da7eafc4bf38554913
Pulse Link: https://otx.alienvault.com/pulse/6842e2da7eafc4bf38554913
Pulse Author: AlienVault
Created: 2025-06-06 12:45:14

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#Brazil #China #CyberSecurity #DDoS #DoS #ESET #Encryption #India #InfoSec #Malware #Mirai #OTX #OpenThreatExchange #Russia #Turkey #UK #Ukr #Ukraine #bot #botnet #AlienVault

Newly identified wiper malware 'PathWiper' targets critical infrastructure in Ukraine

A destructive attack on Ukrainian critical infrastructure using a new wiper malware called 'PathWiper' has been observed. The attack, attributed to a Russia-nexus APT group, utilized a legitimate endpoint administration framework to deploy the wiper across connected endpoints. PathWiper overwrites file system artifacts with random data, targeting physical drives, volumes, and network shared drives. Its capabilities are similar to HermeticWiper, previously used against Ukrainian entities. The malware's sophisticated approach to identifying and corrupting connected drives and volumes distinguishes it from earlier wipers. This attack underscores the ongoing threat to Ukrainian infrastructure despite the prolonged conflict with Russia.

Pulse ID: 6841b92b694f10dda07d9db8
Pulse Link: https://otx.alienvault.com/pulse/6841b92b694f10dda07d9db8
Pulse Author: AlienVault
Created: 2025-06-05 15:35:07

Be advised, this data is unverified and should be considered preliminary. Always do further verification.

#CyberSecurity #Endpoint #InfoSec #Malware #OTX #OpenThreatExchange #RAT #Russia #UK #Ukr #Ukraine #Ukrainian #bot #AlienVault

Brusel - Pokud summit Severoatlantické aliance v červnu v Haagu dospěje ke společné dohodě na nutnosti zvyšovat výdaje na obranu až k pěti procentům hrubého domácího produktu (HDP), Česká republika je připravena to podpořit. Na tiskové konferenci v Bruselu to po jednání s generálním tajemníkem NATO Markem Ruttem řekl český prezident Petr Pavel.

Tón: : mírně pozitivní
#česko #gdelt #ukr...

https://www.ceskenoviny.cz/zpravy/pavel-pokud-bude-shoda-na-vydajich-5-hdp-na-obranu-cr-to-podpori/2676102

Danke, liebe #Ukraine! 🇺🇦 🇺🇦 🇺🇦 🇺🇦 Thank you, Ukraine, from #Germany! 🇩🇪 🇩🇪 🇩🇪 🇩🇪

#eurovision #ger #ukr

Ukraine National Jurists know what’s up at least #UKR #Eurovosion

Ukraine National Jurists know what’s up at least #UKR #Eurovosion

#esc2025 und wenn euch #ukr nicht gefällt zumindest #lat oder dann halt #ita....

Warum tue ich mir das an...

Also meine Top 5 sind
Litauen #lithuania #lit
Lettland #latvia #lat
Großbritannien #uk #gb
Ukraine #ukraine #ukr
Italien #italy #it

...nicht unbedingt in der Reihenfolge. Bin ein bisschen überfordert gerade, das ist alles so schnell :'D

#esc2025 #ESC @esc

#esc2025 also los Leute. Kreditkarten raus. ESC.vote und 20 Stimmen für #ukr Der einzige Song, der auch ein Song ist!

#ITA is now trending across Mastodon

#Latvia is now trending across Mastodon

#UKR is now trending across Mastodon

At the first #Eurovision break...

#NOR Kyle sounded a little bit nervous and looked relieved when he was done.

#LUX They understood the assignment. Bar none.

#EST Tommy's best performance so far. I almost don't hate the song.

#LTU I simply don't connect with Katarsis. I don't hate it, but I also don't particularly like it. It's ... there.

#ESP Melody ate, just wish that RTVE had a more cohesive staging idea. And the curtain effect seems chintzy.

#UKR The singer sounded a little tired, but it's been a long road for everyone. Better staging from Vidbir, but still not fave for me.

🇺🇦 #UKR Big 'The Darkness' vibes. Wouldn't want that to come up on karaoke night...

Smoke machine! Pyro! Drinks! (7)

Speaking of vibes, as host, Helga is giving big Marg Downey as SBS continuity announcer vibes. Or is that showing my age?

#Eurovision

#ESC #UKR

Dem pinken Jüngling fehlen die Elfenohren.

Slava ukraina, nevertheless!

Trop de machines à fumée, des costumes excessifs en tout, des sonorités prog chantées par un type en pattes d'eph, c'est ça qu'on veut oue #Eurovision #ukr

Der #UKR-Beitrag ist mir im Halbfinale irgendwie durchgerutscht. Gewinnt aber beim 2. Hören.
#ESC #ESC2025

Irgendwie sieht der aus, als hätte man ihn aus einem DEFA-Märchen ausgeschnitten

#esc #ukr