On October 8, 2025, cybersecurity experts disclosed a coordinated effort labeled PhantomCaptcha, which specifically aimed at organizations contributing to relief efforts in Ukraine. The campaign’s primary objective was to infect members of organizations like the International Red Cross and the Norwegian Refugee Council with a remote access trojan (RAT).
This RAT utilized a WebSocket for its command-and-control functionality, allowing attackers to maintain control of infected systems stealthily. The targeting of such humanitarian organizations highlights an alarming trend where cyber-attacks are increasingly directed at NGOs, especially in conflict zones. As the war in Ukraine continues, the implications of this campaign underscore the urgent need for enhanced cybersecurity measures among relief organizations.
👉 Pročitaj original: The Hacker News
