The GIFTEDCROOK malware has seen significant upgrades, transforming from a basic browser data stealer into a powerful intelligence tool. Recent campaigns, particularly in June 2025, showcase its advanced capability to extract sensitive documents from targeted devices, especially those belonging to Ukrainian governmental and military personnel. GIFTEDCROOK was initially identified in April 2025, and its evolution is attributed to a group named UAC-0226, which uses phishing emails with malicious Excel attachments. New versions of the malware can capture files under 7 MB that were created or modified recently, signaling a refined focus on intelligence gathering during ongoing tensions in the region.
GIFTEDCROOK has evolved from a simple data stealer to a sophisticated intelligence-gathering tool used against Ukrainian entities, highlighting its enhanced capabilities.
Recent campaigns show GIFTEDCROOK's ability to exfiltrate sensitive documents, indicating a strategic focus on gathering intelligence from Ukrainian governmental and military sectors.