Dozens of Ukrainians were able to download virus files to their computers as a result of a fake mailing of letters allegedly on behalf of the State Emergency Service.This was reported by the press service of the State Special Communications Service, UNN reports.
Details
The State Special Communications Service recorded a massive mailing of letters with the subject lines "Information from the State Special Communications Service of Ukraine" and "State Emergency Service of Ukraine", allegedly from the State Special Communications Service and the State Emergency Service of Ukraine, respectively.
As explained by experts , the emails contain links to archives hosted on the BitBucket service. They, in turn, contain SFX archives, opening of which will lead to the installation of Remote Utilities remote control program on the system and display a "decoy".
It is noted that in the case of the mailing on behalf of the State Special Communication Service, the legitimate CCleaner program "to remove the virus from the computer" was used as a "bait", and in the mailing on behalf of the SES, an image with an "evacuation plan" was used.
According to Bitbucket statistics, starting from 23:00 on January 21, 2024 to 10:30 on January 22, 2024, malicious files were downloaded more than 3000 times. The number of successfully infected computers can reach several dozen, for the vast majority of which CERT-UA has taken measures to counter the cyber threat
Addendum
The State Service for Special Communications also noted that the UAC-0050 group recently sent out letters regarding "legal claims" and "debts." The attack targeted users from Ukraine and Poland.
The UAC-0050 group also attempted to steal data by disguising themselves as the Ukrainian Foreign Ministry, the Security Service of Ukraine, the Pechersk Court, and Ukrtelecom.
Last year, emails with malicious attachments were also sent out allegedly on behalf of the State Emergency Service, the press service of the General Staff of the Armed Forces of Ukraine, the Security Service of Ukraine, the State Special Communications Service, and even CERT-UA.
Recall
Today, on January 22, the State Emergency Service warned Ukrainians about fraudulent messages from the alleged SES.
The agency noted that they did not send out these messages and that it was extremely dangerous to follow the links.