APT28-Linked Campaign Deploys BadPaw Loader and MeowMeow Backdoor in Ukraine

thehackernews.com · [email protected] (The Hacker News) · 1 month ago · threat-intel

quality 4/10 · average

0 net

AI Summary

Russian APT28-linked campaign targets Ukrainian entities using phishing emails with HTA files to deploy two undocumented malware families: BadPaw loader and MeowMeow backdoor, with initial access via ZIP archives and Ukrainian-language lure documents.

Tags

apt28 malware loader backdoor phishing hta ukraine russian-apt initial-access badpaw meowmeow

Entities

APT28 BadPaw MeowMeow

Cybersecurity researchers have disclosed details of a new Russian cyber campaign that has targeted Ukrainian entities with two previously undocumented malware families named BadPaw and MeowMeow. "The attack chain initiates with a phishing email containing a link to a ZIP archive. Once extracted, an initial HTA file displays a lure document written in Ukrainian concerning border crossing appeals

← Back to stories