Menu

  • Alerts
  • Incidents
  • News
  • APTs
  • Cyber Decoded
  • Cyber Hygiene
  • Cyber Review
  • Cyber Tips
  • Definitions
  • Malware
  • Threat Actors
  • Tutorials

Useful Tools

  • Password generator
  • Report an incident
  • Report to authorities
No Result
View All Result
CTF Hack Havoc
CyberMaterial
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
Hall of Hacks
  • Education
    • Cyber Decoded
    • Definitions
  • Information
    • Alerts
    • Incidents
    • News
  • Insights
    • Cyber Hygiene
    • Cyber Review
    • Tips
    • Tutorials
  • Support
    • Contact Us
    • Report an incident
  • About
    • About Us
    • Advertise with us
Get Help
No Result
View All Result
Hall of Hacks
CyberMaterial
No Result
View All Result
Home Alerts

Spear-Phishing Targets NATO with RomCom

July 11, 2023
Reading Time: 2 mins read
in Alerts
Spear-Phishing Targets NATO with RomCom

 

BlackBerry’s Threat Research and Intelligence team recently uncovered a spear-phishing campaign aimed at organizations supporting Ukraine and attendees of the upcoming NATO Summit. The campaign involves the distribution of the RomCom RAT, with lure documents impersonating the Ukrainian World Congress to deceive victims. The attackers utilized typosquatting techniques to create a fake website resembling the legitimate organization’s site and hosted weaponized versions of popular software.

The experts at BlackBerry attributed the attacks to the RomCom threat actor based on their analysis of tactics, techniques, and procedures (TTPs), code similarities, and attack infrastructure.

By opening the lure documents, victims triggered a multi-stage attack chain that exploited a Microsoft vulnerability (CVE-2022-30190) and ultimately installed the RomCom RAT. This RAT allows the threat actors to collect information and execute remote commands on the compromised systems.

The campaign coincides with the upcoming NATO Summit, where discussions will take place regarding the potential future membership of Ukraine in the alliance. The researchers highlight the geopolitical context, domain registration patterns, HTML scraping of legitimate websites, code similarities, and network infrastructure information as factors contributing to their conclusion that this is either a RomCom rebranded operation or involves members of the RomCom threat group supporting a new threat group.

Organizations supporting Ukraine and participating in the NATO Summit should remain cautious and ensure they have robust security measures in place to defend against such targeted spear-phishing campaigns.

Reference:
  • RomCom Threat Actor Suspected of Targeting Ukraine’s NATO Membership Talks at the NATO Summit

Tags: Cyber AlertCyber Alerts 2023CyberattackJuly 2023MicrosoftNATOPhishingRATRemote Access TrojanROMCOM RATUkraineVulnerabilities
ADVERTISEMENT

Related Posts

BadIIS Malware Spreads Via SEO Poisoning

Hackers Target AWS and Steal Credentials

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

SonicWall SMA100 Update Removes Rootkit

September 24, 2025
BadIIS Malware Spreads Via SEO Poisoning

BadIIS Malware Spreads Via SEO Poisoning

September 24, 2025
FBI Issues Warning on Spoofed IC3 Website

FBI Issues Warning on Spoofed IC3 Website

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

Infostealer Hits macOS Users Widely

September 22, 2025
FBI Issues Warning on Spoofed IC3 Website

SonicWall Warns Reset After Exposure

September 22, 2025

Latest Alerts

Hackers Target AWS and Steal Credentials

SonicWall SMA100 Update Removes Rootkit

BadIIS Malware Spreads Via SEO Poisoning

SonicWall Warns Reset After Exposure

Infostealer Hits macOS Users Widely

FBI Issues Warning on Spoofed IC3 Website

Subscribe to our newsletter

    Latest Incidents

    Boyd Gaming Reports Data Breach After Attack

    Morrisroe UK Company Hit By Cyber Attack

    GeoServer Flaw Breaches US Agency Network

    Steam Game Steals Streamer Donations

    Ransomware Gang Hacks Spartanburg County

    Cyberattack Hits Europe Airport Systems

    CyberMaterial Logo
    • About Us
    • Contact Us
    • Jobs
    • Legal and Privacy Policy
    • Site Map

    © 2025 | CyberMaterial | All rights reserved

    Welcome Back!

    Login to your account below

    Forgotten Password?

    Retrieve your password

    Please enter your username or email address to reset your password.

    Log In

    Add New Playlist

    No Result
    View All Result
    • Alerts
    • Incidents
    • News
    • Cyber Decoded
    • Cyber Hygiene
    • Cyber Review
    • Definitions
    • Malware
    • Cyber Tips
    • Tutorials
    • Advanced Persistent Threats
    • Threat Actors
    • Report an incident
    • Password Generator
    • About Us
    • Contact Us
    • Advertise with us

    Copyright © 2025 CyberMaterial