Russian Hackers Serve Up Malware with a Side of “ESET” – Ukrainian Systems on the Menu

InedibleOchotense, a Russia-linked group, spoofed ESET to launch phishing attacks on Ukraine, cleverly pairing real software with a sneaky backdoor. Their emails and Signal messages urged users to download “official threat removal software” from fake ESET domains, proving once again that even cybercriminals appreciate a good disguise.

Hot Take:

When it comes to cyber shenanigans, the Russia-linked InedibleOchotense group is taking the cake—or should we say, the borscht? Their latest escapade involves masquerading as the cybersecurity giant ESET to infiltrate Ukrainian systems. It’s like showing up to a potluck with a dish that’s half lasagna and half virus. Bon appétit!

Key Points:

– Russia-linked group InedibleOchotense impersonated ESET in phishing attacks.
– Victims received emails and Signal messages with links to fake ESET domains.
– The attack used trojanized installers that installed both ESET software and a backdoor.
– The campaign shared tactics with previous UAC-0212 and BACKORDER downloader activities.
– Language errors in phishing messages hinted at poor translations from Russian to Ukrainian.

The Nimble Nerd