UAC-0247 Targets Ukrainian Clinics and Government in Data-Theft Malware Campaign

Summary

CERT-UA has detailed a campaign by threat actor UAC-0247 that targeted Ukrainian government and healthcare institutions. The campaign, observed between March and April, used malware to steal sensitive data from Chromium-based browsers and WhatsApp.

IFF Assessment

FOE

This is bad news for defenders, as it highlights a new, active campaign by a specific threat actor targeting critical infrastructure with data-stealing malware.

Defender Context

Defenders should be aware of the UAC-0247 threat actor and its methods, particularly the focus on Ukrainian healthcare and government entities. This campaign underscores the importance of robust endpoint security, browser data protection, and monitoring for unusual data exfiltration patterns.
