Skip to content
The Nexus
SECURITYMay 14 · 14:00 UTCTHE HACKER NEWS[email protected] (The Hacker News)

Ghostwriter Targets Ukrainian Government With Geofenced PDF Phishing, Cobalt Strike

The Ghostwriter threat group has targeted Ukrainian government organizations with geofenced PDF phishing and Cobalt Strike attacks. Ghostwriter, also known as FrostyNeighbor, PUSHCHA, Storm-0257, TA445, and UAC‑0057, has been active since at least 2016. The group is aligned with Belarus and has been linked to cyber espionage and influence operations.

Nexus surfaces and summarizes. The full story lives at the source.

Mentioned
Spot something wrong with this article?Report a problem →
Forward this