A cyberespionage campaign named Winter Vivern is targeting the Vatican, Ukraine, Poland, and other countries.
The campaign is believed to have been active since 2021.
- Security researchers believe that the tools used in this hacking campaign are similar to the tools and methods that pro-Russia hackers have used in the past.
- The threat actor has used a plethora of threat vectors, such as phishing websites and malicious documents.
- The group mainly uses the Aperetif trojan, launching it from breached WordPress sites.
- Aperetif is malware written in C++. The malware enables hackers to:
  - collect victim data,
  - gain backdoor access,
  - deploy payloads from the command-and-control server.
- This malware campaign is also tracked as UAC-0114.