UAC-0050 Group Using New Phishing Tactics to Distribute Remcos RAT

The threat actor UAC-0050 is using sophisticated phishing techniques to deploy Remcos RAT malware, a tool for remote surveillance and control. The group, known to target Ukrainian and Polish entities since 2020, has upgraded their tactics, integrating a pipe method for interprocess communication that can evade most security systems. Uptycs, a cybersecurity platform, found that the attacks may have targeted Ukrainian military personnel, posing as offerings for consultancy roles within the Israel Defense Forces.