Kirovohradska Pravda reports phishing attempt

The regional print weekly Kirovohradska Pravda has sustained a large-scale phishing attack, editor Natalia Marynets reports to Pavlo Lisnychenko, the regional representative of the IMI in Kirovohradska oblast.

Marynets says that the news outlet’s editorial phone number was receiving notifications about attempts to access the weekly’s official email account and Telegram channel for 20 minutes on Friday, April 18. They also received messages offering various discounts, bonuses, and opening credit limits to this number.

“Since all our official communication channels are tied to this number, we were somewhat concerned. Losing access to the Telegram channel would be critical for us,” says the journalist.

She added that having received several dozen such messages, the team began checking whether third-party users had logged in to their resources.

“Just in case, we changed all passwords and updated our two-factor authentication. We also reported the situation to the Cyber ​​Police,” added Natalya Marynets.

She attributes the attempted hack to the popularity of the news outlet’s Telegram channel, which allows Kirovohradska Pravda to meet the needs of different audiences and has a "newspaper with memes" reputation in the regions.

On April 8, the IMI received multiple phishing emails claiming to be from accountants, which arrived to the NGO's inbox. The emails were sent by the hacker group UAC-0050, which is affiliated with the Russian intelligence services. The Digital Security Laboratory (Tsyfrolaba) tells the IMI that such emails aim to install malware that will spy on the victim and steal data from their computer's Windows system.