New: Threat Exposure Validation Impact Report 2025
Learn More
Join our Summer Webinar Series on Threat Exposure Validation
Register Now

Ukraine CERT-UA: Compromised Email Address Used To Deliver Malware Variants

February 2, 2023

An adversary was discovered using a compromised e-mail address to send phishing emails with a malicious PDF attachment. The files used in the attack were protected by VMProtect to hinder analysis. Successful intrusions resulted in systems infected with variants from the RomCom, FateGrab, and StealDeal malware families.