Russia-aligned UAC-0184 abuses Viber messages to deliver Hijack Loader and Remcos RAT in espionage attacks on Ukrainian military and government system

The Tidyverse Blog offers insights, tutorials, and updates on the Tidyverse, a collection of R packages for data science and statistical computing. Covering topics such as data manipulation, visualization, and analysis, the blog provides resources for R developers looking to leverage the power of the Tidyverse for their data projects. Developers can learn how to use Tidyverse packages effectively to clean, transform, and analyze data in R.

The Hacker News

Russia-aligned threat actor UAC-0184 (Hive0156) is conducting espionage campaigns against Ukrainian military and government entities using Viber to distribute malicious ZIP archives. The attack chain uses disguised LNK files that deploy Hijack Loader through PowerShell, which then delivers Remcos RAT for remote access and data theft. The malware employs DLL side-loading, module stomping, and security software detection evasion techniques to maintain persistence and avoid detection.

Russia-Aligned Hackers Abuse Viber to Target Ukrainian Military and Government