Ukraine’s Cyber Defense Nightmare: UAC-0099 Strikes Again with Phishing Frenzy

Ukraine’s CERT-UA warns of UAC-0099 phishing attacks on the defense sector. These cyber tricksters aren’t sending you cat memes; they’re delivering malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Their email hooks? “Court summons” with a side of obfuscated VBScript and scheduled PowerShell shenanigans. Stay alert; they’re phishing in dangerous waters!

3P
Published: August 7, 2025 11:07 amAdded: August 7, 2025 at 4:17 amAssembled by: The Editor
Pro Dashboard

Hot Take:

Looks like Ukraine’s defense sector is getting more phishing attempts than a catfish on a dating app! UAC-0099 is at it again, trying to reel in sensitive data with their arsenal of malware like MATCHBOIL, MATCHWOK, and DRAGSTARE. Stay sharp, Ukraine, because this phishing expedition is more than just a bad day at the office!

Key Points:

  • UAC-0099 is targeting Ukraine’s defense sector with phishing attacks.
  • Phishing emails contain links to file services hosting a double archive with an HTA file.
  • Malware used includes MATCHBOIL loader, MATCHWOK backdoor, and DRAGSTARE stealer.
  • These attacks demonstrate evolving tactics, highlighting the threat actors’ sophistication.
  • UAC-0099 has been targeting Ukraine since mid-2022, exploiting various vulnerabilities.

Membership Required

 You must be a member to access this content.

View Membership Levels
Already a member? Log in here
The Nimble Nerd
powered by the NSA, er,  GDPR Cookie Compliance
Confessional Booth of Our Digital Sins

Okay, deep breath, let's get this over with. In the grand act of digital self-sabotage, we've littered this site with cookies. Yep, we did that. Why? So your highness can have a 'premium' experience or whatever. These traitorous cookies hide in your browser, eagerly waiting to welcome you back like a guilty dog that's just chewed your favorite shoe. And, if that's not enough, they also tattle on which parts of our sad little corner of the web you obsess over. Feels dirty, doesn't it?