Hackers actively attack civil servants, military personnel, and representatives of Ukrainian defense enterprises using The Signal Messenger, which is popular among the military. This was warned in Gosspetsvyaz, reports UNN.
Details
Attackers use the darkcrystal RAT malware for their own purposes. Hackers usually send fake messages from one of the accounts that is in the victim's contact list.
First, scammers send a message containing the archive, its password, and comments about the need to open the file on your computer.
The archive contains an executable file with the extension".pif" or".exe", which in turn is a RARSFX archive and contains a VBE file, a BAT file, and an EXE file. running these files causes the computer to be affected by the darkcrystal RAT malware and gives attackers the ability to secretly gain unauthorized access to this computer
Хакери рф активізували атаки на мобільні пристрої українських військових15.05.24, 10:44
Addition
The government's Computer Emergency Response Team of Ukraine CERT-UA notes that cases of cyber attacks using instant messengers have recently become more frequent.
In this regard, experts urge Ukrainians to be careful even if the message was received from friends, and not Download or open suspicious files.
In addition, Gosspetsvyaz advises you to set up multi-factor authentication
Recall
Law enforcement officers detained two pro-Russian hackers in Kiev, who created fake accounts of the heads of the Ukrainian special services, in particular the head of the Security Service and the head of the Main Intelligence Directorate of the Ministry of Defense of Ukraine. Through social networks, hackers massively spread misinformation about the war in Ukraine.