The government’s CERT-UA response team has detected a massive email campaign on behalf of the Security Service of Ukraine containing malware. This was reported by the press service of the State Special Communications Service, Komersant ukrainskyi reports
The emails contain a link to download a file called “Documents.zip”, but in fact, clicking on the link initiates the download of an MSI file, the opening of which will launch the ANONVNC malware, which allows attackers to gain hidden unauthorised access to the victim’s computer.
CERT-UA has already detected more than 100 affected computers, including those of state and local governments.
“CERT-UA has taken immediate measures to reduce the likelihood of the cyber threat being implemented. We urge you to be especially careful and immediately contact CERT-UA in case of suspicious activity,” the statement said.
It should be noted that hackers from Belarus have recently attacked Ukrainian project offices and local governments. They used malware to obtain the necessary data.
The content of the detected files (“oborona.rar”, “66_oborona_PURGED.xls”, “trix.xls”, “equipment_survey_regions_.xls”, “accounts.xls”, “spreadsheet.xls”, “attachment.xls”, “Tax_2024.xls”) concerned the reform of local governments (USAID/DAI HOVERLA project), taxation, and financial and economic indicators.
According to the State Service for Special Communications, the discovered documents indicate that the hackers were interested in financial and economic indicators, taxation, and local government reform.