Belarus Hackers Target Ukraine With Spear-Phishing
bankinfosecurityEspionage Group FrostyNeighbor Uses Evolving Tactics to Hit Kyiv's Military Tiffany Wang • May 14, 2026
A Belarus-aligned cyberespionage actor has been targeting military, defense and government agencies in Ukraine through an email spear-phishing campaign since March.
See Also: AI Impersonation Is the New Arms Race-Is Your Workforce Ready?
Researchers at cybersecurity firm Eset say the group, which it tracks as FrostyNieighbor, impersonates Ukraine monopolist telephone company Ukrtelecom to deliver PDFs laced with malicious links that ultimately deliver a Cobalt Strike beacon payload.
The hackers calibrated the attack to ensure that recipients outside of Ukraine receive a benign PDF file "related to regulations in the field of electronic communications from 2024 to 2026," Eset said in a Thursday post. Users with a Ukrainian IP address receive a RAR archive that initiates the attack chain.
FrostyNeighbor - also tracked as Ghostwriter, UAC-0057 and Storm-0257 - has been active since ...
Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE