UAC-0185
0 incidentes
0 paises
0 sectores
apt RU Ultimo: -
Aliases: UNC4221
UAC-0185, also known as UNC4221, is a Russia-linked cyber espionage threat actor active since at least 2022. The group's primary motivation is to conduct cyber espionage by stealing credentials from messaging applications and specialized Ukrainian military systems, often to gain unauthorized remote access, disrupt operations, or establish persistent network control. What specifically sets this group apart is its consistent focus on credential theft from secure communication tools like Signal, Telegram, and WhatsApp, alongside targeting proprietary Ukrainian military systems such as DELTA, TENETA, and Kropyva. The group frequently employs highly tailored spear-phishing campaigns that impersonate legitimate Ukrainian entities, such as the Ukrainian Union of Industrialists and Entrepreneurs (UUIE), to achieve its objectives.
Sectores objetivo (SOCRadar)
National Security