
0:00
26:43
This week, we are joined by Tom Hegel, Principal Threat Researcher from SentinelLabs research team, to discuss their work on "Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition." The latest Ghostwriter campaign, linked to Belarusian government espionage, is actively targeting Ukrainian military and government entities as well as Belarusian opposition activists using weaponized Excel documents.
SentinelLabs identified new malware variants and tactics, including obfuscated VBA macros that deploy malware via DLL files, with payload delivery seemingly controlled based on a target’s location and system profile. The campaign, which began preparation in mid-2024 and became active by late 2024, appears to be an evolution of previous Ghostwriter operations, combining disinformation with cyberattacks to further political and military objectives.
The research can be found here:
Ghostwriter | New Campaign Targets Ukrainian Government and Belarusian Opposition
Learn more about your ad choices. Visit megaphone.fm/adchoices
Flere episoder fra "Research Saturday"
Gå ikke glip af nogen episoder af “Research Saturday” - abonnér på podcasten med gratisapp GetPodcast.