UAC-0102

MISP

Type:
Unknown

Country:
Unknown

First seen:
Unknown

Details:

UAC-0102 is a threat actor group targeting UKR.NET users through phishing attacks. They distribute emails with HTML file attachments that redirect users to a fraudulent website to steal authentication data. Security teams can use Sigma rules to detect their phishing campaigns and leverage IOCs provided by CERT-UA to hunt for their activity in SIEM or EDR environments.

References (2)

socprime.com - Uac 0102 Phishing Attack Detection Hackers Steal Authentication Data Impersonating The Ukr Net Web Service
cert.gov.ua - 4928679

Metadata

ID:	715
Created:	13/01/2026 17:48
Updated:	09/03/2026 16:00