
Disrupting FlyingYeti's campaign targeting Ukraine

· Published 31/05/2024 12:19 · Modified 31/05/2024 12:33


Essential information

Published: 31/05/2024 12:19
Modified: 31/05/2024 12:33
Tags: 2024-05-31, CVE-2023-38831, cookbox, malware, phishing, russia, ukraine
Related entities: 1 vulnerabilities (cve), 8 observables, 1 intrusion sets (apt), 10 techniques (mitre), 1 malware, 2 others

Description

This report details Cloudforce One's real-time effort to detect, deny, degrade, disrupt, and delay a campaign by the Russia-aligned threat actor FlyingYeti targeting Ukraine. The campaign aimed to capitalize on anxiety over potential loss of housing and utilities by enticing targets to open malicious files containing the COOKBOX malware. Cloudforce One's mitigations prolonged the operational timeline from days to weeks, hindering the actor's objectives.

External references