The State Cyber Protection Centre of the State Service of Special Communications and Information Protection of Ukraine (SCPC SSSCIP), in collaboration with Unit 42, has a whopping 94 page malware analysis report (complete with IOC) on Smoke Loader malware (aka Dofoil or Sharik), used in a surge of recent attacks on Ukrainian financial institutions and government organizations. Ukraine’s CERT-UA first identified Smoke Loader used by the financially motivated threat group UAC-0006 on 05 May 2023. Since then, Smoke Loader has been used worldwide and also in ransomware attacks. 🔗 https://scpc.gov.ua/en/articles/356

#SmokeLoader #malware #threatintel #UAC0006 #Ukraine #SCPC #SSSCIP #Ukraine #CERTUA #IOC