The government’s Computer Emergency Response Team of Ukraine CERT-UA, operating under the State Service for Special Communications and Information Protection, warns about new phishing e-mails being sent across government networks with the topic (in Ukrainian) No.1275 of Apr 7, 2022″.
This was reported by the press service of the State Committee for Television and Radio Broadcasting on Facebook.
The letters contain an HTML file, the opening of which will create an archive with a file “On the persecution and murder of prosecutors by the Russian military in the temporarily occupied territories.lnk.”
Its opening, in turn, will allow hackers to gain full control over the affected computer and steal sensitive data, as well as damage files and computer systems,” the statement reads.
It is noted that the attack is believed to be run by the UAC-0010 (Armageddon) group, which has repeatedly been exposed on attacks on government websites both in Ukraine and across the EU.
The CERT-UA team warns that the group of hackers uses the Dynamic DNS service NO-IP. Therefore, it is necessary to pay special attention to the connection with domain names used by the mentioned service.
As Ukrinform reported earlier, since the start of the full-scale aggression by Russia, more than 120 powerful cyberattacks on Ukrainian government and military resources have been promptly detected and neutralized.
Source: Another cyberattack ongoing on Ukraine government networks