Former members of the Conti cybercrime cartel have been implicated in five different campaigns targeting Ukraine from April to August 2022.
The findings, which come from Google’s Threat Analysis Group (TAG), builds upon a prior report published in July 2022, detailing the continued cyber activity aimed at the Eastern European nation amid the ongoing Russo-Ukrainian war.
“UAC-0098 is a threat actor that historically delivered the IcedID banking trojan, leading to human-operated ransomware attacks,” TAG researcher Pierre-Marc Bureau said in a report shared with The Hacker News.