🔍 When your Excel macro is actually a Kremlin love letter.
UAC-0226 just leveled up GIFTEDCROOK from petty browser pick-pocket to a full-blown spy suite—exactly as Kyiv rubber-stamps another round of martial law. They’re hoovering up .docx, .pdf, even .ovpn files and whisking them away through encrypted Telegram bots (bye-bye, “safe” chat traffic).
Scorching intel
• Arctic Wolf Labs spotted v1.3 sleeping past EDR and vacuuming whole drives.
• Reuters confirms martial law extended to August, gifting phishers a fear-driven theme park.
🤔 Question for the trenches: How are you tuning EDR rules when Telegram looks like just another chat?
Read the playbook ➜ https://blog.alphahunt.io/giftedcrooks-strategic-pivot-uac-0226s-espionage-surge-amid-ukraines-geopolitical-flashpoints
(Hit “subscribe” or keep playing whack-a-mole.)
#Ukraine #CyberWar #ThreatIntel #Infosec #AlphaHunt