Phony ESET Phishing Fiasco: Russia-Aligned Hackers Target Ukraine with New Cyber Shenanigans
InedibleOchotense is impersonating ESET in phishing attacks against Ukrainian entities, using trojanized installers to deliver malware. Meanwhile, Sandworm continues to wreak havoc with wiper attacks, and RomCom exploits a WinRAR vulnerability in spear-phishing campaigns, proving that when it comes to cybersecurity, Russia-aligned threat actors are anything but “remotely” funny.
Hot Take:
Holy phishing trips, Batman! You’ve got to admire the creativity of naming a cyber campaign after a potentially inedible mushroom. InedibleOchotense sounds like a bad culinary experience, but it’s actually a cyber-attack that’s leaving a bad taste in the mouths of Ukrainian entities by impersonating the good folks at ESET. Who knew cybersecurity could be such a gourmet affair?
Key Points:
- InedibleOchotense, a new cyber threat, targets Ukrainian entities by masquerading as ESET.
- The campaign uses spear-phishing emails and Signal messages to deliver a trojanized ESET installer.
- Sandworm, a notorious hacking group, continues to launch destructive wiper attacks in Ukraine.
- RomCom exploits a WinRAR zero-day vulnerability in attacks on European and Canadian sectors.
- Russia-aligned actors leverage these cyber activities for geopolitical objectives and credential harvesting.