HOTLINE(050) 447-70-63
We are available 24/7
Leave your contact details
and we contact you
Thank you for reaching out

Or contact us:

[email protected]

(050) 447-70-63

File a complaint

SSCS warns of a new cyber attack on state institutions by mass emailing

11.07.2022, 17:51
Photo credit: online.stanford.edu
Photo credit: online.stanford.edu

The State Service for Special Communications and Information Protection warns of dangerous e-mails being sent en masse from compromised addresses of Ukrainian state institutions.

Emails with the subject "Joint official report on the humanitarian situation. Ukraine" have attachments in the form of an XLS document "Humanitarian catastrophe of Ukraine since February 24, 2022.xls".

As the State Special Communications Service notes, this document contains a macro which, if activated, will create and open a "baseupd.exe" file on the computer. As a result, the device will be affected by the Cobalt Strike Beacon malware.

The attack is associated with the activity of the UAC-0056 group. Last week's cyber attack was linked to the same group.

CERT-UA specialists are taking measures to identify the circumstances under which the email accounts were compromised, as well as to block the malware management server.

Cyber experts recommend using multi-factor authentication for email.

As IMI reported, on July 7 The State Service for Special Communications and Information Protection of Ukraine reported a new cyber attack on Ukrainian government institutions, conducted through sending emails with the subject "Specialized prosecutor's office in the military and defense field. Information on the vacancies and their staffing." The emails had an XLS document attached; this document contains a macro which, if activated, will create and open a "write.exe" file on the computer. As a result, the device will be affected by the Cobalt Strike Beacon malware.

Liked the article?
Help us be even more cool!
Do you want to be first to learn about the new research of the Institute of Mass Information? Subscribe to the newsletter!
Thank you for suscribing!