UAC-0050 Targets European Financial Institution with Social Engineering Attack

The Russia-aligned threat actor tracked as UAC-0050 targeted a European financial institution using a social engineering attack, likely for intelligence gathering or financial theft. The campaign involved a spoofed domain and the deployment of RMS (Remote Manipulator System) malware, indicating an expansion of the group’s targeting beyond Ukraine to entities supporting the war-torn nation. The unnamed victim is described as a regional entity involved in financial operations, though no specific date or technical indicators (e.g., CVE IDs) were disclosed. The attack suggests a shift in focus toward organizations with potential ties to Ukraine-related financial or logistical support. No further details on the attack’s execution timeline or confirmed impacts were provided.