Key Findings The Russia-aligned threat actor known as UAC-0184 (also tracked as Hive0156) has been targeting Ukrainian military and government entities by leveraging the Viber messaging platform to deliver malicious ZIP archives. The attack campaign involves using Viber to distribute malicious ZIP files disguised as official Ukrainian parliamentary documents and military casualty data. The ZIP archives contain Windows shortcut (LNK) files posing as Microsoft Word and Excel do
