Disrupting FlyingYeti's campaign targeting Ukraine
released on 2024-05-31 @ 12:19:34 PM
This report details Cloudforce One's real-time effort to detect, deny, degrade, disrupt, and delay a phishing campaign by the Russia-aligned threat actor FlyingYeti targeting Ukraine. The campaign aimed to capitalize on anxiety over potential loss of housing and utilities by enticing targets to open malicious files containing the COOKBOX malware. Cloudforce One's mitigations prolonged the operational timeline from days to weeks, hindering the actor's objectives.