Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
BRAVE1

BRAVE1 Vendor Cyber Rating & Cyber Score

brave1.gov.ua

BRAVE1 is the one-of-a-kind entry point for cooperation in a field of Ukrainian defense tech: companies, startups, government, defense forces, investors, volunteer funds, media and all who join forces for victory through technology. BRAVE1 – Ukrainian Defense Tech cluster co-founded by the Ministry of Digital Transformation of Ukraine, the Ministry of Defence of Ukraine, the General Staff of the Armed Forces of Ukraine, the National Security and Defense Council of Ukraine, the Ministry of Strategic Industries of Ukraine, the Ministry of Economy of Ukraine.


BRAVE1 A.I CyberSecurity Scoring

BRAVE1
Company Information
Website:https://brave1.gov.ua/en/
Employees number:60
Number of followers:24,886
NAICS:336414
Industry Type:Defense and Space Manufacturing
Homepage:brave1.gov.ua
BRAVE1 Risk Score (AI oriented)
Between 700 and 749
logo
BRAVE1Defense and Space Manufacturing
Updated:
15/06/2026
734/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
BRAVE1 Global Score (TPRM)
xxxx
logo
BRAVE1Defense and Space Manufacturing
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

BRAVE1
BRAVE1Moderate
Current Score
734Ba (MODERATE)
01000
1 incidents
-13 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
735Before Incident
JUNE 2026
734Before Incident
MAY 2026
734Before Incident
APRIL 2026
746Before Incident
Cyber Attack
01 Apr 2026BRAVE1
Ukrainian law enforcement, Ukrainian military innovation centers and Ukrainian local governments: WinRAR Vulnerability Exploited by Russian Hackers to Deploy GIFTEDCROOK Stealer

Russian Hackers Exploit WinRAR Flaw to Steal Data from Ukrainian Organizations

733After Incident
CRITICAL-13
BRAASSMIN1781511853
Russian Hackers Exploit WinRAR Flaw to Steal Data from Ukrainian Organizations Russian cyber threat groups are actively exploiting a patched WinRAR vulnerability (CVE-2025-8088) to infiltrate Ukrainian organizations, stealing passwords, session cookies, and sensitive files. Despite the flaw being fixed in July 2025, multiple Russia-aligned hacking collectives including SHADOW-EARTH-066 (UAC-0226) and Earth Dahu (Gamaredon) continue to weaponize it as recently as April 2026. The attacks begin with spear-phishing emails containing malicious RAR archives. When opened with an outdated WinRAR version, the exploit silently drops hidden payloads into the Windows Startup folder while displaying a decoy PDF. Upon the next login, the malware executes automatically, deploying an evolved version of the GIFTEDCROOK information stealer. SHADOW-EARTH-066 has targeted Ukrainian military innovation centers, law enforcement, and local governments near the eastern border. Earth Dahu, active since at least 2013, delivers espionage tools via HTML Application (HTA) files hosted on Cloudflare Workers. Both groups exploit the same unpatched entry point, though their toolsets differ. The malware, internally named result.dll, extracts data from Chrome, Edge, Opera, and Firefox including passwords, session cookies, and master decryption keys while scanning for files with 35 extensions (e.g., spreadsheets, email files, KeePass databases). Stolen data is encrypted with dual-layer RC4 and exfiltrated over HTTPS to command-and-control (C&C) servers in France, the Netherlands, and Switzerland. After exfiltration, the malware removes staging files and Startup entries, minimizing forensic traces. GIFTEDCROOK’s evolution highlights increased sophistication: earlier versions used Telegram bots with plaintext tokens, while the current variant employs encrypted HTTPS communication and a Chrome App-Bound Encryption bypass. PowerShell loaders are heavily obfuscated to evade detection, and the final payload never writes decoded files to disk. Other Russia-linked groups, including Sandworm, Turla, and Void Rabisu, have also exploited this vulnerability. The persistent abuse underscores a critical gap: WinRAR lacks automatic updates or enterprise patch management, leaving organizations vulnerable if manual updates are overlooked. Indicators of compromise (IoCs) include LNK or HTA files in the Startup folder, short alphanumeric files (e.g., KKN, ND8) in C:\ProgramData, and connections to C&C servers such as 166[.]0[.]132[.]237 (port 7044) and 194[.]58[.]66[.]82. The malicious RAR archive sample analyzed has a SHA-256 hash of 3d371ef71e40c34a75c168d464d47db096f386499d99aa88d4e16b63cd4acda25.
INCIDENT DETAILS -
TYPE
Cyber Espionage, Data Theft
MOTIVATION
Cyber espionage, Data exfiltration
IMPACT
Data Compromised: Passwords, session cookies, master decryption keys, files with 35 extensions (e.g., spreadsheets, email files, KeePass databases)Systems Affected: Windows systems with outdated WinRAR versionsIdentity Theft Risk: High
DATA BREACH
PasswordsSession cookiesMaster decryption keysFiles (spreadsheets, email files, KeePass databases)Sensitivity Of Data: HighData Encryption: Dual-layer RC4.xls.xlsx.eml.kdbx
MARCH 2026
746Before Incident
FEBRUARY 2026
746Before Incident
JANUARY 2026
746Before Incident
DECEMBER 2025
746Before Incident
NOVEMBER 2025
746Before Incident
OCTOBER 2025
746Before Incident
SEPTEMBER 2025
746Before Incident
AUGUST 2025
746Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for BRAVE1 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in June 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in May 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in April 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in March 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in February 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in January 2026 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in December 2025 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in November 2025 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in October 2025 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in September 2025 ?
?
What was BRAVE1's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on BRAVE1's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with BRAVE1 ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view BRAVE1's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?