Edward Kiledjian's Threat Intel

CERT-UA Warns of HTA-Delivered C# Malware Attacks Using Court Summons Lures
thehackernews.com/2025/08/c…

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks carried out by a threat actor called UAC-0099 targeting government agencies, the defense forces, and enterprises of the defense-industrial complex in the country.

The attacks use phishing emails as the initial compromise vector to deliver malware families such as MATCHBOIL, MATCHWOK, and DRAGSTARE.

UAC-0099, first publicly documented by the agency in June 2023, has a history of targeting Ukrainian entities for espionage purposes. Prior attacks have been observed leveraging security flaws in WinRAR software (CVE-2023-38831, CVSS score: 7.8) to propagate a malware called LONEPAGE.