APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine
Summary
Cybersecurity researchers have uncovered a new Russian cyber campaign targeting Ukrainian entities. The campaign uses two novel malware families, the BadPaw loader and the MeowMeow backdoor, delivered via phishing emails carrying ZIP archives that ultimately lead to the execution of malicious code.
IFF Assessment
This campaign introduces new malware families and a sophisticated attack chain, presenting novel threats and evasion techniques for defenders to counter.
Defender Context
This campaign highlights the continued targeting of Ukraine by advanced persistent threats (APTs) and the ongoing development of custom malware. Defenders should watch for phishing emails that carry lure documents or unfamiliar archive types, and should ensure that robust endpoint detection and response (EDR) capabilities are in place to detect and block the identified malware families.