APT28 Uses BEARDSHELL and COVENANT Malware to Spy on Ukrainian Military

Published: 20 hours ago (March 10, 2026 at 06:55 AM EDT)

1 min read

Source: The Hacker News

APT28, the Russian state‑sponsored hacking group also known as Blue Athena, BlueDelta, Fancy Bear, and Fighting Ursa, has been observed deploying two implants—BEARDSHELL and COVENANT—to conduct long‑term surveillance of Ukrainian military personnel. According to a report from ESET, the malware families have been in active use since April 2024 and were detailed in a briefing shared with The Hacker News.

Back to Blog

New ‘BlackSanta’ EDR killer spotted targeting HR departments

For more than a year, a Russian‑speaking threat actor has been targeting human‑resource HR departments with malware that delivers a new EDR killer named BlackSa...

New 'Zombie ZIP' technique lets malware slip past security tools

!https://www.bleepstatic.com/content/hl-images/2026/03/10/zombiezip.jpg A new technique dubbed “Zombie ZIP” helps conceal payloads in compressed files specially...

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Cybersecurity researchers have discovered a new malware called KadNap that's primarily targeting Asus routers to enlist them into a botnet for proxying maliciou...

Microsoft Teams phishing targets employees with A0Backdoor malware

!https://www.bleepstatic.com/content/hl-images/2026/02/17/Microsoft_Teams.jpg Hackers contacted employees at financial and healthcare organizations over Microso...

Related posts

New ‘BlackSanta’ EDR killer spotted targeting HR departments

New 'Zombie ZIP' technique lets malware slip past security tools

KadNap Malware Infects 14,000+ Edge Devices to Power Stealth Proxy Botnet

Microsoft Teams phishing targets employees with A0Backdoor malware