ONE Sentinel

APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

Source: The Hacker News
Date: March 5, 2026

EXECUTIVE SUMMARY

APT28 Targets Ukraine with New BadPaw and MeowMeow Malware

Summary

The article discusses a new cyber campaign linked to APT28, a Russian threat actor, targeting Ukrainian entities with two new malware strains, BadPaw and MeowMeow. The campaign employs phishing emails to deliver these threats.

Key Points

  • The campaign is attributed to APT28, a known Russian cyber espionage group.
  • Two new malware families, BadPaw and MeowMeow, have been identified.
  • The attack begins with a phishing email containing a link to a ZIP archive.
  • Once extracted, an HTA file is used to display a lure document in Ukrainian.
  • The campaign specifically targets Ukrainian entities, focusing on border crossing appeals.

Analysis

This campaign highlights the ongoing cyber threat posed by APT28, particularly against geopolitical targets like Ukraine. The use of new malware families indicates a sophisticated approach to bypassing existing security measures. The focus on Ukrainian entities suggests a strategic intent to gather intelligence or disrupt operations within the region.

Conclusion

IT professionals should enhance their email security protocols and educate users on recognizing phishing attempts. Monitoring for indicators of compromise related to BadPaw and MeowMeow is crucial to mitigate potential threats.