UAC-0099 is a threat actor. This group is tracked in the Strobes VI threat intelligence database.

What vulnerabilities does UAC-0099 exploit?

Specific CVE exploitation data for UAC-0099 is being tracked. Check the Strobes VI threat actor profile for updates.

UAC-0099

Exploited CVEs

Overview

UAC-0099 is a threat actor that has been active since at least May 2023, targeting Ukrainian entities. They have been observed using a known WinRAR vulnerability to carry out attacks, indicating a level of sophistication. The actor relies on PowerShell and the creation of scheduled tasks to execute malicious VBS files for initial infection. Monitoring and limiting the functionality of these components can help mitigate the risk of UAC-0099 attacks.

Exploited Vulnerabilities

No exploited CVEs have been attributed to this threat actor yet.

Browse CVE Database