Hackers use the theme of" prisoners of War from the Kursk direction " to carry out their cyber attacks, The State Special Communications Service warned on Monday, writes UNN.
Details
"The Government Response Team CERT-UA recorded cyber attacks using emails containing photos with images of alleged prisoners of war and links to download the archive," the report says.
"Cyberattack UAC-0020 (Vermin) using the subject of prisoners of war in the Kursk direction; a new FIRMACHAGENT tool (CERT-UA#10742)", - described cyber threat in CERT-UA.
As indicated in Gosspetsvyaz, opening a file from this archive will download the SPECTR spyware program to your computer, as well as a new FIRMACHAGENT program for uploading stolen data to the management server.
"The UAC-0020 (Vermin) group, associated with the law enforcement agencies of the so - called Luhansk, is responsible for the attack," the State Special Communications Service said in .
CERT-UA recommends the following steps to protect yourself from cyber threats: :
- Restrict the rights of user accounts by isolating them from the "Administrators"/"administrators" groups to reduce the attack surface.
- Apply appropriate policies (SRP/AppLocker) to prevent users from running files with the extension .CHM and powershell.exe.
Cyberattack on monobank stopped after three days - Gorokhovsky19.08.24, 10:48