VERY IMPORTANT

In recent months, there has been continuous media coverage of the geopolitical tensions in Eastern Europe around the threats of a Russian invasion of Ukraine. As one may expect, there has been an observable uptick in cyberattacks on related government networks and personnel. One notable case is the so-called "#WhisperGate" malware which is destructive to the systems which it infects. On February 4, 2022, Microsoft published a report on a malicious campaign they dubbed "Actinium". In reviewing their report InQuest Labs identified a number of indicators (IOCs) that overlapped with some interesting samples they were already researching. The research community has observed a few campaigns targeting Ukrainian organizations as they have been discovered in the wild. In this blog, InQuest Labs focuses primarily on their findings via independent and immediate sources.