1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • New phishing campaign disguised as Ukraines Security Service targ

    From TechnologyDaily@1337:1/100 to All on Tue Aug 13 11:15:04 2024
    New phishing campaign disguised as Ukraines Security Service targeting government computers

    Date:
    Tue, 13 Aug 2024 11:09:20 +0000

    Description:
    New phishing campaign targets Ukrainian government disguised as the Security Service of Ukraine.

    FULL STORY ======================================================================

    A new phishing campaign has been discovered targeting the computers of Ukraines government disguising itself as the Security Service of Ukraine.

    The campaign was brought to light by the Computer Emergency Response Team of Ukraine (CERT-UA), in a warning that disclosed that, if successful, the
    attack could deploy malware enabling remote desktop access.

    So far, over 100 computers have been infected by the campaign since July
    2024. ANONVNC malware

    CERT-UA has labelled the activity as UAC-0198, with the malware in use by the attackers being a modification of the MeshAgent remote management system. The attackers will send an email that appears to be from the Security Service of Ukraine which contains a ZIP file containing an MSI installer which is loaded with the malware named ANONVNC.

    CERT-UA also warned that an additional threat actor tracked as UAC-0057 has been distributing PicassoLoader malware via phishing attacks, which
    eventually leads to the deployment of Cobalt Strike Beacon software.

    In a statement on the attacks, CERT-UA warned, It is reasonable to assume
    that the objects of interest of UAC-0057 could be both specialists of project offices and their 'contractors' from among the employees of the relevant
    local governments of Ukraine.

    A further threat actor, UAC-0102 has been running a campaign using phishing emails containing HTML attachments that appear to be the UKR.NET login page, but any credentials entered are stolen by the attackers.

    Ukraine has been increasingly targeted by cyber attacks since Russias
    invasion in February 2022, with several attempts to knock out key infrastructure such as mobile networks and internet service providers proving successful.

    Via TheHackerNews More from TechRadar Pro These are the best firewalls around right now Russias shadow war against Europe has begun as cyber attacks
    abusing Microsoft infrastructure increase Take a look at our guide to the
    best endpoint protection tools available



    ======================================================================
    Link to news story: https://www.techradar.com/pro/new-phishing-campaign-disguised-as-ukraines-secu rity-service-targeting-government-computers


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)