The CERT-UA team, which operates under the State Special Communications Service, has detected a new large-scale cyberattack aimed at local governments in Ukraine, UNN reports with reference to the State Special Communications Service.
Details
According to the State Service for Special Communications, the attackers send phishing emails with the subject line "Replace Table" that contain a link to a supposedly Google spreadsheet. In fact, the link leads to a page with "instructions" for running a malicious command.
How the attack scheme works:
After receiving the email, the user clicks on the link and ends up on a page that simulates bot protection.
After clicking on "I'm not a robot" and following the proposed "instructions", a malicious command is executed on the computer.
Executing the script will result in:
- downloading the program and creating a tunnel using it;
- theft of authentication and other browser data (Chrome, Edge, Opera, Firefox, etc.);
- installation of broadband access points.
Has your account been hacked? Cyberpolice explained what to do24.10.24, 19:57