The APT group UAC-0063 has evolved beyond its original Central Asian targets to attack various entities in Europe, including embassies. Initially identified in May 2023, it has been linked to Russian-sponsored activities, specifically targeting government agencies with a range of malware, such as HATVIBE and DownEx. Recent reports indicate their operational methods include spear-phishing attacks using legitimate documents from organizations like Kazakhstan's Ministry of Foreign Affairs. Cybersecurity experts emphasize the group's sustained activities, posing increasing threats to both centralized and regional targets across Europe and Asia.
"This research focuses on completing the picture of UAC-0063's operations, particularly documenting their expansion beyond their initial focus on Central Asia, targeting entities such as embassies in multiple European countries..."
Collection
[
|
...
]