Uptime Hamster: 15d 4h 13mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza UAC-0185

UAC-0185

0 incidentes 0 paises 0 sectores apt RU Ultimo: -
Aliases: UNC4221
Ver en IntelTracker → APTTrail →
UAC-0185, also known as UNC4221, is a Russia-linked cyber espionage threat actor active since at least 2022. The group's primary motivation is to conduct cyber espionage by stealing credentials from messaging applications and specialized Ukrainian military systems, often to gain unauthorized remote access, disrupt operations, or establish persistent network control. What specifically sets this group apart is its consistent focus on credential theft from secure communication tools like Signal, Telegram, and WhatsApp, alongside targeting proprietary Ukrainian military systems such as DELTA, TENETA, and Kropyva. The group frequently employs highly tailored spear-phishing campaigns that impersonate legitimate Ukrainian entities, such as the Ukrainian Union of Industrialists and Entrepreneurs (UUIE), to achieve its objectives.

Aliases del actor

UNC4221

Actores similares

uac-0008actor · 1UAC-0194apt · 0UAC-0020apt · 0UAC-0219apt · 0UAC-0149apt · 0UAC-0215apt · 0UAC-0006apt · 0UAC-0226apt · 0Guacamayaapt · 0UAC-0063apt · 0
Tecnicas MITRE
T1219 -, T1003 -, T1566 -
Tipo
apt
Pais origen
RU
Motivacion
-
Impacto
9
Actualizado
Mon, 05 Ja

Sectores objetivo (SOCRadar)

National Security