The group UAC-0001 (APT28), which is associated with the Russian intelligence services, may be involved in the attack.
Enemy hackers have launched a new large-scale cyber attack against Ukraine. This time it focused on local authorities, the State Special Communications Agency reported yesterday.
“Criminals send phishing emails with the subject line “Spreadsheet Replacement,” which contain a link that purports to be a Google Sheet, the link leads to a page with “instructions” for operating of the malicious command,” the report said.
Experts explain that upon receiving such a letter, the user follows the link and goes to a page that simulates protection against bots. After clicking on “I’m not a robot'” and executing the so-called “instructions”, a malicious script will be executed on the computer:
-
executing the command will download the program and create it using a tunnel;
-
theft of browser data (Chrome, Edge, Opera, Firefox, etc.);
-
installing malware.
The government team for responding to computer emergency events in Ukraine, CERT-UA, suggests that the group UAC-0001 (APT28), which is associated with the Russian intelligence services, may be involved in attack
It was previously known that Telegram scammers were sending the virus through the fake Reserve+ bot. It is suggested to install “special software”. It steals files from user devices.
It was also reported that hackers, under the guise of recruiting for the 3rd Brigade and the IDF, were sending messages with malicious software to the Armed Forces of Ukraine.
Ukrainian hackers congratulated Peskov on his birthday
New Correspondent.net on Telegram and WhatsApp. Subscribe to our channels Athletistic and WhatsApp
Source: korrespondent
I am David Wyatt, a professional writer and journalist for Buna Times. I specialize in the world section of news coverage, where I bring to light stories and issues that affect us globally. As a graduate of Journalism, I have always had the passion to spread knowledge through writing.