Targeting of Ukrainian state entities
Date of report
  • March 2022
The Belarusian threat actor UNC1151 targeted multiple Ukrainian government agencies with a backdoor called MicroBackdoor. The malware was delivered via phishing emails that included a bait image and files containing malicious code. The backdoor and loader were created in January 2022, before Russia’s invasion of Ukraine.  
Suspected victims
  • Ukrainian state entities
Suspected state sponsor
  • Belarus
Type of incident
  • Espionage
Target category
  • Government
Victim government reaction
  • Unknown