Ukrainian government’s computer emergency response team CERT-UA, under the State Service for Special Communications and Information Protection, warns against sending new phishing emails on government networks with subject (in Ukrainian) No. 1275 of April 7, 2022″.
This was reported by the press service of the State Committee for Television and Radio Broadcasting on Facebook.
The letters contain an HTML file, the opening of which will create an archive with a file “On the persecution and killing of prosecutors by the Russian army in the temporarily occupied territories.lnk”.
Opening it, in turn, will allow hackers to take full control of the affected computer and steal sensitive data, as well as damage files and computer systems,” the statement said.
It should be noted that the attack is believed to be led by the UAC-0010 (Armageddon) group, which has been repeatedly exposed in attacks on government websites in Ukraine and across the EU.
The CERT-UA team warns that the group of hackers uses the NO-IP dynamic DNS service. Therefore, it is necessary to pay special attention to the connection with the domain names used by the mentioned service.
As Ukrinform reported earlier, since Russia began large-scale aggression, more than 120 powerful cyberattacks against Ukrainian government and military assets were quickly detected and neutralized.