State Special Communications Service reveals how Russian hackers attack the security and defense sector

According to glavcom.ua: The national team Cert-Ua received a message on July 10, 2025, about emails being circulated among executive authorities. The emails, which appeared to be from a ministry representative, contained an attachment as a file 'Attachment.pdf.zip'. Inside was an executable file with the '.pif' extension, which was identified as the Lamehug malware developed in Python.

The State Special Communications and Information Protection Service of Ukraine has witnessed new cyberattacks on the country's security and defense sector, carried out by Russian hackers known as the UAC-0001 group or APT28. These attacks are characterized by the use of the Lamehug malware with capabilities of large language models, reports Glavkom citing the State Special Communications Service.

The Ukrainian security and defense sector is once again facing cyber threats from Russian hackers of the UAC-0001 group, who are using the new Lamehug malware to attack systems in the country's authorities. These cyberattacks require heightened attention and cybersecurity measures to prevent possible spreading of harmful effects and to protect important informational resources.