This malware campaign is targeting the military with phony emails from a defence contractor
FireEye has released details on a sophisticated cyber espionage campaign targeting the Ukrainian government. Threat actors are impersonating a defense contractor from the UK in spear phishing emails that are being send to Ukrainian military departments. The messages contain a malicious attachment that will install powerful malware on the device of a user who opens it.
The researchers believe that the attackers are based in the Luhansk People’s Republic (LPR), a landlocked proto-state in eastern Ukraine that declared independence in 2014. According to John Hultquist of FireEye, the campaign shows that “[w]hile cyber espionage is regularly leveraged as a tool of state power, this capability is not limited to states.”