hacker-attack-on-ukrainian-armed-forces-state-special-communications-service-warns-of-dangerous-letters-on-alleged-recruitment

Hacker Attack on Ukrainian Armed Forces: State Special Communications Service Warns of Dangerous Letters on Alleged Recruitment

 • 29356 переглядiв

Hackers are sending messages with malware to soldiers of the Armed Forces of Ukraine under the guise of recruiting for the 3rd Separate Special Forces Brigade and the IDF. This was reported by the State Service for Special Communications and Information Protection of Ukraine, UNN reports.

Details

The Governmental Computer Emergency Response Team of Ukraine CERT-UA, which operates under the State Special Communications Service, took measures to prevent a series of cyberattacks in which attackers sent messages with malware to the Armed Forces of Ukraine via the Signal messenger on the topic of recruitment to the Third Separate Assault Brigade of the Armed Forces of Ukraine and the Israeli Defense Forces (IDF)

- the agency summarized.

It is noted that  suspicious activity was detected by specialists of the American-Japanese company Trendmicro at the end of December 2023, as reported by CERT-UA.

The attackers' messages contain archive files, running the contents of which will infect the computer with REMCOSRAT and REVERSESSH malware.

Російські хакери Gamaredon значно збільшили кількість кібероперацій проти України - Дерспецзв'язку25.10.23, 00:03 • [views_139665]

This allows attackers to remotely access the computers of Ukrainian soldiers and spy on them in real time.

At the same time, the attackers try to make the names and contents of the archives interesting for the military - "prisoner interviews," "geolocation," "coding commands," "call signs," and so on.

Addendum

More details about the technical side of the attack can be found in the CERT-UA report. The agency emphasizes that in case of detection of suspicious activity on computers and in the ICS of the Armed Forces of Ukraine, please immediately inform the ITS Cybersecurity Center.

For reference

Remcos is a sophisticated remote access trojan (RAT) that can be used to fully control and monitor any Windows computer

Remcos RAT bypasses antivirus systems and injects itself into Windows processes to appear safe.

Recall

In December last year , Russian hackers attacked users from Ukraine and Poland by sending emails with malware.

Volodymyr Omelchenko

War

    Popular

    Kyiv and the region are on air alert: air defense is in operation

     • 21723 переглядiв

    Ukraine and Russia negotiate to end strikes on energy facilities - FT

     • 50843 переглядiв

    A small number of DPRK troops are already in Ukraine - CNN

     • 24382 переглядiв

    Biden: Ukraine should retaliate if DPRK soldiers cross its border

     • 27237 переглядiв

    News by theme