Russian hackers use the attack on "Kyivstar" for their purposes
Category
World
Publication date

Russian hackers use the attack on "Kyivstar" for their purposes

Hacker

Russian hackers from the UAC-0050 group are sending e-mails with embedded malware to Ukrainians, taking advantage of the situation with Kyivstar. The mass mailing was noticed by experts of the Governmental Computer Emergency Response Team of Ukraine CERT-UA.

Russian hackers send emails with malware, using an attack on Kyivstar

The e-mails of Ukrainians received letters regarding "Debts under the Kyivstar contract", which contained attachments in the form of the "Subscriber's Debt.zip" archive with attachments in the form of attached password-protected RAR archives, the message says.

CERT-UA specialists also recorded sending letters with the subject "Request from the SSU" and the attachment "Documents.zip". It is noted that the attachment contains a password-protected RAR archive, "Zapyt.rar", with the file "Zapyt.exe". If users open the archive and run the file, their device will be infected with the RemcosRAT remote access program.

This is not the first such attack by the UAC-0050 group. Recently, cybercriminals have been sending letters about "lawsuits" and "debts." Users from Ukraine and Poland became the object of the attack, the State Special Communications Service of Usaid.

CERT-UA specialists recommend filtering emails with password-protected attachments.

Cyber attack on Kyivstar

On the morning of December 12, "Kyivstar" subscribers reported the disappearance of mobile Internet and communication.

Later, the company reported that a large-scale cyber attack had been carried out on "Kyivstar".

Russian hackers from the "Solntsepek" group, a Russian military intelligence hacker unit, took responsibility for the cyber attack on the operator.

From December 13, the company gradually restored voice communication, mobile Internet, SMS services, mobile Internet in Kyiv and Kharkiv subways, and roaming.

By staying online, you consent to the use of cookies files, which help us make your stay here even better 

Based on your browser and language settings, you might prefer the English version of our website. Would you like to switch?