UAC-0194
0 incidentes
0 paises
0 sectores
apt RU Ultimo: -
UAC-0194 is a Russian-aligned threat actor that emerged in mid-2024, focusing on long-term espionage and intelligence collection rather than financial gain. The group is distinguished by its precise approach to information gathering, particularly its adeptness at exploiting Windows NTLM (NT LAN Manager) hash disclosure vulnerabilities with minimal user interaction, allowing them to weaponize legitimate files for credential theft. Initially targeting Ukrainian government and educational entities, UAC-0194 expanded its operations to include targets in Poland and Romania by early 2025, demonstrating an evolution in its geopolitical aspirations and a consistent reliance on novel NTLM exploitation techniques.
Sectores objetivo (SOCRadar)
Educational ServicesPublic Administration