A Russian state-sponsored hacking group, likely APT28, has targeted Ukrainian government entities using malware delivered via Signal messages. The campaign involved sophisticated backdoors like BeardShell and SlimAgent, aiming for long-term espionage.
Key points
- Russian state-sponsored hackers have targeted Ukrainian government systems with new malware families.
- The attack vector involved malicious documents sent over the Signal messaging app.
- BeardShell is a backdoor supporting PowerShell script downloads, while SlimAgent captures and encrypts screenshots.
- The attackers used the Covenant framework to facilitate additional payload deployment.
Read More: https://www.securityweek.com/russian-apt-hits-ukrainian-government-with-new-malware-via-signal/