CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

July 18, 2025
No Comments

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

The Computer Emergency Response Team of Ukraine (CERT-UA) has disclosed details of a phishing campaign that’s designed to deliver a malware codenamed LAMEHUG.
“An obvious feature of LAMEHUG is the use of LLM (large language model), used to generate commands based on their textual representation (description),” CERT-UA said in a Thursday advisory.
The activity has been attributed with medium

Leave a Reply Cancel reply

Cybercriminals Are Using AI to Cloak Malicious Websites July 18, 2025
Cybercriminals have found a new way to stay hidden in plain sight. They’re using artificial intelligence to cloak phishing sites, fake stores, and malware traps, shielding them from scanners while still reaching real victims. This was revealed by recent research from SlashNext. It’s not a trick, but a service. And it’s catching on fast. These […]
Kirsten Doyle
Cyber Attacks Surge 21% Globally in Q2 2025 – Europe Takes the Hardest Hit July 18, 2025
Cyber attacks are rising. Fast. In the second quarter of 2025, entities around the world faced an average of 1,984 cyber attacks each week. This was revealed by new research from Check Point. That’s a 21% increase from the same period last year, and 58% higher than two years ago. The upward trend is clear, […]
Kirsten Doyle
Lessons Learned from Steelcon’s 10th Anniversary July 18, 2025
Every year, the security community attends regional conferences, which offer a combination of educational learning, hands-on training, and the opportunity to meet with new and familiar faces. Steelcon takes place in Sheffield in mid-July. This year, the conference marked its tenth event, and I’ve been delighted to have attended four of them and spoken at […]
Dan Raywood
Pro-Russian Cybercrime Group NoName057(16) Hit Hard in Global Takedown July 18, 2025
A global police operation has dealt a heavy blow to the pro-Russian cybercrime network dubbed NoName057(16), which has been accused of launching disruptive digital attacks in support of Moscow’s war against Ukraine. Between 14 and 17 July, law enforcement agencies from across Europe and North America carried out coordinated raids and seizures under Operation Eastwood. […]
Kirsten Doyle
Top-Rated Shopify Plugin Exposes Hundreds of Stores to Takeovers, Token Leaks July 18, 2025
A Shopify plugin meant to safeguard privacy did the opposite. For over 100 days, it quietly exposed hundreds of online stores to the kind of risk most businesses dread; data theft, full account takeover, and hijacked ad spend. Ironically, the culprit was a compliance plugin called Consentik, built to help Shopify merchants adhere to regulations […]
Kirsten Doyle
How CTEM Helps Security Teams Focus on What Matters Most July 17, 2025
Cybersecurity exposure isn’t just about known vulnerabilities. It’s about the misconfigurations, control gaps and overlooked entry points that attackers use to move quietly through systems and compromise high-value assets. Traditional security approaches often focus on patching known issues and generating long lists of CVEs. But they don’t always reflect what attackers see or how they […]
Süleyman Özarslan
Episource Breach Exposes Health Data of 5.4 Million Americans July 17, 2025
A medical billing company tied to UnitedHealth has suffered one of the year’s largest healthcare breaches. More than 5.4 million people have been caught in the fallout. Episource, which handles claims and billing for doctors and hospitals, said a criminal gained access to its systems earlier this year. The breach lasted a week, ending on […]
Kirsten Doyle
Chinese Hackers Breached U.S. National Guard Network for Nine Months July 17, 2025
A Chinese state-backed hacking group infiltrated a U.S. Army National Guard network and stayed there, undetected, for most of 2024. The group, known as Salt Typhoon, is believed to have operated inside the network of an unnamed U.S. state from March through December, according to a Department of Homeland Security memo. Their reach may have […]
Kirsten Doyle
AI Appreciation Day: What the Experts Have to Say July 16, 2025
This year’s AI Appreciation Day shines a light on the rising power of artificial intelligence in every field. Cybersecurity experts come together to discuss what AI has achieved, and the hurdles it still faces. Cybersecurity experts share their views with Information Security Buzz: Traditional Access Controls Fall Short Rom Carmel, Co-founder and CEO at Apono, […]
Kirsten Doyle
Taming Repeat Clickers: Managing High-Risk Cyber Behaviors July 16, 2025
Of all the battles against phishing and social engineering attacks, organizations have a silent and underestimated security threat: the repeat clicker. These individuals, despite years of awareness training and simulated phishing drills, consistently click on suspicious links in emails. Unlike one-time mistakes, repeated clicking indicates ingrained behavioral habits that blanket awareness programs cannot correct. To […]
Erich Kron

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

CERT-UA Discovers LAMEHUG Malware Linked to APT28, Using LLM for Phishing Campaign

Share :

Leave a Reply Cancel reply