Belarus-linked Hackers Target Ukrainian Organizations with PicassoLoader Malware

GhostWriter, also known as UAC-0057, used PicassoLoader and Cobalt Strike Beacon to infect victims, including local government offices and groups associated with USAID’s Hoverla project.