UAT-5647 targets Ukrainian and Polish entities with RomCom malware variants

Cisco Talos has observed a new wave of attacks active since at least late 2023, from a Russian speaking group we track as “UAT-5647”, against Ukrainian government entities and unknown Polish entities