Cybercriminals from the UAC-0050 group have started sending fraudulent emails with the subject of "requests". The governmental team for responding to computer emergencies of Ukraine CERT-UA warns about this, the press service of the State Special Communication Service reports, UNN writes.
Details
According to the experts, on January 9, emails were sent with the subject lines "request for court documents" and "request". The emails contained archive files, which, if opened, would infect a computer with RemcosRAT and QuasarRAT malware.
Subsequently, a massive distribution of emails with the subject "Request from Medoc" was recorded with an attachment in the form of a RAR-archive "Request.rar" or a link to download it from Bitbucket or Google Drive.
As in the previous case, running the attached files will install the Remote Utilities program on the system.
Recall
As UNN previously reported , Russian hackers have changed their methods and goals. Now, instead of destroying our system, they are trying to find evidence of their war crimes.
Помста за Київстар триває: хакери зламали московського інтернет-провайдера –джерело09.01.24, 11:29