VMTech
+381 11 4150 20024/7 Discuss a project
← All Instagram insights VMTECH · INSTAGRAM

Ghostwriter targets Ukrainian government bodies with Prometheus-lured phishing

Ghostwriter атакует украинские госорганы через фишинг с приманками Prometheus

Colleagues, please note: a Ghostwriter campaign targeting Ukrainian public institutions has been detected. CERT-UA reports phishing emails from compromised accounts delivering a PDF linking to a ZIP; inside is JavaScript (OYSTERFRESH → OYSTERBLUES → OYSTERSHUCK) that harvests data and deploys a final module assessed as Cobalt Strike. CERT-UA recommends restricting wscript.exe execution for standard accounts and accounting for AI use and attackers’ intent for long-term persistence. Why it matters: the risk of data exfiltration and sustained network control is increasing. How will you respond to such campaigns? #cybersecurity #phishing #CERTUA #Ghostwriter

Latest comments

No comments yet.