March 15, 2022

Google TAG Provides Update on Russian Threat Groups

Industry: Government, Media, Military | Level: Strategic | Source: GoogleTAG

Google’s Threat Analysis Group (TAG) provides an update on threat actor groups, APT28/FancyBear, Ghostwriter/UNC1151 and Mustang Panda/Temp.Hex, focusing attacks against Ukraine. Activity for APT28/FancyBear has identified phishing campaigns conducted to obtain user credentials against a Ukrainian media site. Threat actor group Ghostwriter/UNC1151 has also conducted phishing campaigns targeting the Polish and Ukrainian, government and military. Analysis for China based threat actor group, Mustang Panda/Temp.Hex has identified the distribution of a malicious zip file that downloads a malicious payload.