Operation Groundbait: Analysis of a surveillance toolkit
released on 2016-05-18 @ 02:52:41 PM
Operation Groundbait (Russian: Прикормка, Prikormka) is an ongoing cyber-surveillance
operation targeting individuals in Ukraine. The group behind this operation
has been launching targeted and possibly politically-motivated attacks to spy on
individuals.
This paper presents ESET’s findings about Operation Groundbait based on our research
into the Prikormka malware family. This includes detailed technical analysis
of the Prikormka malware family and its spreading mechanisms, and a description
of the most noteworthy attack campaigns.