BlueDelta's Credential-Harvesting Campaigns Targeting Ukraine

BlueDelta's Credential-Harvesting Campaigns Targeting Ukraine

First seen 7 Jan 2026, 16:46 UTC RecordedfutureComputingIndustrialcyber.Co 82% similarity 28.1

Article Content

Browse articles
ThreatCluster

Between February and September 2025, BlueDelta, a Russian state-sponsored group, conducted multiple credential-harvesting campaigns. These operations targeted users of UKR.NET, a popular Ukrainian webmail and news service, building on earlier activities from June 2024 to April 2025. The campaigns are part of BlueDelta's ongoing efforts to expand its credential-theft operations.

ThreatCluster AI

Community

Browse all →