Common Information
Type Value
Value FlyingYeti
Category Actor
Type Threat-Actor
Misp Type Cluster
Description FlyingYeti is a Russia-aligned threat actor targeting Ukrainian military entities. They conduct reconnaissance activities and launch phishing campaigns using malware like COOKBOX. FlyingYeti exploits the WinRAR vulnerability CVE-2023-38831 to infect targets with malicious payloads. Cloudforce One has successfully disrupted their operations and provided recommendations for defense against their phishing campaigns.
Details Published Attributes CTI Title
Details Website 2024-09-24 48 Unraveling SloppyLemming’s operations across South Asia
Details Website 2024-09-03 176 Unraveling SloppyLemming’s operations across South Asia
Details Website 2024-05-30 50 Disrupting FlyingYeti's campaign targeting Ukraine