Ukraine Under Siege: UAC-0099’s Cyber Shakedown and Gamaredon’s Phishing Frenzy!
CERT-UA warns of cyber attacks by UAC-0099 targeting Ukraine’s defense sector. Using phishing emails, they deploy malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. The attack chain cleverly lures victims with court-related emails, dropping malware to steal data and execute remote commands.

Hot Take:
Ukraine’s cyber defenders must feel like they’re playing a never-ending game of digital whack-a-mole with UAC-0099. It’s like the threat actor is the annoying neighbor who keeps throwing wild parties, and CERT-UA is the exhausted resident constantly calling the cops to shut it down. But with malware names that sound like rejected Pokémon, who can take them seriously? Still, better keep those firewalls stocked with caffeine, because this is one “MATCH” they’re determined to win.

Key Points:
– UAC-0099 targets Ukrainian government and defense sectors using phishing emails.
– Malware used includes MATCHBOIL, MATCHWOK, and DRAGSTARE.
– Attacks exploit WinRAR vulnerabilities for malware propagation.
– Email lures mimic court summons using URL shorteners.
– Gamaredon group also targets Ukraine, using various stealthy malware tools.