Evacuation and Humanitarian Documents used to Spear Phish Ukrainian Entities
released on 2022-07-22 @ 12:00:15 PM
Mandiant is publishing the following blog to provide insight and context on a sampling of malicious activity targeting Ukrainian entities during the ongoing war. We are highlighting UNC1151 and suspected UNC2589 operations leveraging phishing with malicious documents leading to malware infection chains.