UAC-0219
0 incidentes
0 paises
0 sectores
apt RU Ultimo: -
UAC-0219 is a cyberespionage threat actor identified by Ukraine's Computer Emergency Response Team (CERT-UA) that emerged in the fall of 2024 with campaigns employing early WRECKSTEEL variants. The group's primary motivation is state-sponsored espionage, specifically the theft of sensitive data from Ukrainian state institutions and critical infrastructure. It focuses on intelligence gathering within the context of the Russia-Ukraine conflict. UAC-0219 distinguishes itself through its consistent targeting of Ukrainian government agencies, critical infrastructure, military innovation hubs, armed forces, law enforcement, and regional government bodies. While Russian-linked based on targeting and thematic alignment, CERT-UA has not made a direct public attribution to a specific nation-state entity. The group’s operations saw continued evolution into 2025, with enhanced PowerShell capabilities observed in March 2025.
Sectores objetivo (SOCRadar)
Rail TransportationPeriodical Publishers