Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives
NetmanageIT OpenCTI - opencti.netmanageit.com
SUMMARY :
A Russian hybrid espionage and influence operation, dubbed UNC5812, targets potential Ukrainian military recruits through a Telegram persona called 'Civil Defense'. The campaign delivers Windows and Android malware, including SUNSPINNER, PURESTEALER, and CRAXSRAT, while simultaneously spreading anti-mobilization narratives. The operation uses social engineering tactics to bypass security measures and gain extensive permissions on victims' devices. UNC5812 also engages in influence activities to undermine Ukraine's mobilization efforts by soliciting and sharing content that discredits Ukrainian military recruitment practices. The campaign leverages both a dedicated website and Telegram channel to distribute malware and propagate anti-mobilization messages.
OPENCTI LABELS :
espionage,ukraine,military,telegram,influence,russian,recruitment,craxsrat,pronsis loader,sunspinner,purestealer
Open in NetmanageIT OpenCTI Public Instance with below link!
Use public read only username and password on login page.
NOTE : Use Public READ only user credentials on login page banner.
Hybrid Russian Espionage and Influence Campaign Aims to Compromise Ukrainian Military Recruits and Deliver Anti-Mobilization Narratives