Uptime Hamster: 15d 4h 13mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza UAC-0194

UAC-0194

0 incidentes 0 paises 0 sectores apt RU Ultimo: -
Ver en IntelTracker → APTTrail →
UAC-0194 is a Russian-aligned threat actor that emerged in mid-2024, focusing on long-term espionage and intelligence collection rather than financial gain. The group is distinguished by its precise approach to information gathering, particularly its adeptness at exploiting Windows NTLM (NT LAN Manager) hash disclosure vulnerabilities with minimal user interaction, allowing them to weaponize legitimate files for credential theft. Initially targeting Ukrainian government and educational entities, UAC-0194 expanded its operations to include targets in Poland and Romania by early 2025, demonstrating an evolution in its geopolitical aspirations and a consistent reliance on novel NTLM exploitation techniques.

Actores similares

uac-0008actor · 1UAC-0185apt · 0UAC-0020apt · 0UAC-0219apt · 0UAC-0149apt · 0UAC-0215apt · 0UAC-0006apt · 0UAC-0226apt · 0Guacamayaapt · 0UAC-0063apt · 0
Tecnicas MITRE
T1557 -, T1566 -, T1219 -, T1204.002 -
CVEs relacionadas
CVE-2025-24054, CVE-2024-43451
Tipo
apt
Pais origen
RU
Motivacion
-
Impacto
18
Actualizado
Mon, 13 Ap

Sectores objetivo (SOCRadar)

Educational ServicesPublic Administration