Ghostwriter
MITRE G1026Also known as UNC1151, Storm-0257, UAC-0057, FrostyNeighbor, PUSHCHA, TA445, Umbral Bison, White Lynx
Reports
5
First seen
May 14
Last seen
Jun 18
Motivation
espionage, espionage, influence operations, disinfo
Targeting
Sectors
government ×3other ×1
Victim regions
Ukraine ×3Poland ×1
Top ATT&CK techniques
T1566 Phishing ×5T1105 Ingress Tool Transfer ×3T1566.001 Phishing: Spearphishing Attachment ×3T1005 Data from Local System ×3T1059.007 JavaScript ×3T1082 System Information Discovery ×3T1566.002 Phishing: Spearphishing Link ×2T1204.001 User Execution: Malicious Link ×2T1204 User Execution ×2T1041 Exfiltration Over C2 Channel ×2T1195.001 Supply Chain Compromise: Compromise Software Dependencies and Development Tools ×1T1112 Modify Registry ×1
Indicators
cve ×5filename ×2domain ×1
Indicator values are available on Pro and via the API.
Associated CVEs
Recent reports
High