Uptime Hamster: 15d 4h 14mDeploy: 13 Jul 2026 08:04Updated: 2026-07-14
Logo del actor de amenaza UAC-0215

UAC-0215

0 incidentes 0 paises 0 sectores apt UA Ultimo: -
Ver en IntelTracker → APTTrail →
UAC-0215 is a Russia-aligned advanced persistent threat (APT) actor that first emerged with infrastructure preparation in August 2024, followed by large-scale phishing campaigns detected in October 2024. This state-sponsored group, assessed with high confidence to be of Russian origin, is primarily motivated by espionage, seeking unauthorized remote access to sensitive systems for intelligence gathering, data exfiltration, and the deployment of follow-on malware in support of Russian state interests amidst ongoing conflict. What sets UAC-0215 apart is its primary reliance on spear-phishing campaigns that deliver malicious Remote Desktop Protocol (RDP) configuration files (.rdp). These files, upon execution, establish bidirectional connections to actor-controlled servers, enabling extensive resource mapping. The group's activities have shown overlaps with other Russian state-sponsored actors such as APT29/Midnight Blizzard.

Actores similares

uac-0008actor · 1UAC-0194apt · 0UAC-0185apt · 0UAC-0020apt · 0UAC-0219apt · 0UAC-0149apt · 0UAC-0006apt · 0UAC-0226apt · 0Guacamayaapt · 0UAC-0063apt · 0
Tipo
apt
Pais origen
UA
Motivacion
-
Impacto
7
Actualizado
Mon, 05 Ja