Ukraine again under a cyber attack, probably by Gamaredon
Cybaze-Yoroi ZLAB cyber security experts: The campaign shows the Matryoshka structure to chain SFX archives, typical of APT implant, and the use of a legit third party RAT as payload.
Ukraine is still the priority for Russian state-sponsored hackers
Yoroi-Cybaze cyber security experts: After APT28, also Gamaredon is spying Kiev. The lure is a legit military document, weaponized with Pteranodon malware.
New threat of large scale cyber attacks on Ukraine, as usual on november
The CERT-UA and the SBU detected a new malware Pterodo Windows backdoor, associated with the Gamaredon (aka Pteradon) state sponsored hackers.