A recent phishing attempt that poses as the Security Service of Ukraine and spreads malware capable of remote desktop access has prompted a warning from the Computer Emergency Response Team of Ukraine (CERT-UA).
The Computer Emergency Response Team of Ukraine (CERT-UA) has issued a warning regarding a recent phishing effort that disseminates malware with the ability to access remote desktops by impersonating the Security Service of Ukraine.
Under the code UAC-0198, the organization is keeping tabs on the action. Since July 2024, an estimated 100 or more computers—including those connected to the nation’s federal agencies—have become infected.
Attack chains use a large-scale email distribution method to send a ZIP archive file that contains an MSI installer file, which, when opened, releases malware known as ANONVNC.
ANONVNC enables covert illegal access to compromised computers and is based on the open-source remote management application MeshAgent.
This comes after CERT-UA linked the hacking group UAC-0102 to phishing attempts that spread HTML attachments imitating UKR.NET’s login page in an attempt to obtain users’ passwords.
The organization has also issued warnings in recent weeks of an increase in campaigns disseminating PicassoLoader malware, which is intended to install Cobalt Strike Beacon on hacked devices. A threat actor identified as UAC-0057 has been connected to the attacks.
“It is reasonable to assume that the objects of interest of UAC-0057 could be both specialists of project offices and their ‘contractors’ from among the employees of the relevant local governments of Ukraine,” stated CERT-UA.
Do Follow: CIO News LinkedIn Account | CIO News Facebook | CIO News Youtube | CIO News Twitter
About us:
CIO News is the premier platform dedicated to delivering the latest news, updates, and insights from the CIO industry. As a trusted source in the technology and IT sector, we provide a comprehensive resource for executives and professionals seeking to stay informed and ahead of the curve. With a focus on cutting-edge developments and trends, CIO News serves as your go-to destination for staying abreast of the rapidly evolving landscape of technology and IT. Founded in June 2020, CIO News has rapidly evolved with ambitious growth plans to expand globally, targeting markets in the Middle East & Africa, ASEAN, USA, and the UK.
CIO News is a proprietary of Mercadeo Multiventures Pvt Ltd.
