Russian hackers from the UAC-0050 group are sending e-mails with embedded malware to Ukrainians, taking advantage of the situation with Kyivstar. The mass mailing was noticed by experts of the Governmental Computer Emergency Response Team of Ukraine CERT-UA.
Russian hackers send emails with malware, using an attack on Kyivstar
CERT-UA specialists also recorded sending letters with the subject "Request from the SSU" and the attachment "Documents.zip". It is noted that the attachment contains a password-protected RAR archive, "Zapyt.rar", with the file "Zapyt.exe". If users open the archive and run the file, their device will be infected with the RemcosRAT remote access program.
CERT-UA specialists recommend filtering emails with password-protected attachments.
Cyber attack on Kyivstar
On the morning of December 12, "Kyivstar" subscribers reported the disappearance of mobile Internet and communication.
Later, the company reported that a large-scale cyber attack had been carried out on "Kyivstar".
Russian hackers from the "Solntsepek" group, a Russian military intelligence hacker unit, took responsibility for the cyber attack on the operator.
From December 13, the company gradually restored voice communication, mobile Internet, SMS services, mobile Internet in Kyiv and Kharkiv subways, and roaming.
More on the topic
- Category
- Ukraine
- Publication date
- Додати до обраного