A new large-scale cyberattack on government agencies has been detected in Ukraine: how data is stolen
Kyiv • UNN
CERT-UA has detected a large-scale cyberattack on government agencies through phishing emails with fake Google spreadsheets. Attackers steal browser data and install malware through a fake bot scan.
The CERT-UA team, which operates under the State Special Communications Service, has detected a new large-scale cyberattack aimed at local governments in Ukraine, UNN reports with reference to the State Special Communications Service.
Details
According to the State Service for Special Communications, the attackers send phishing emails with the subject line "Replace Table" that contain a link to a supposedly Google spreadsheet. In fact, the link leads to a page with "instructions" for running a malicious command.
How the attack scheme works:
After receiving the email, the user clicks on the link and ends up on a page that simulates bot protection.
After clicking on "I'm not a robot" and following the proposed "instructions", a malicious command is executed on the computer.
Executing the script will result in:
- downloading the program and creating a tunnel using it;
- theft of authentication and other browser data (Chrome, Edge, Opera, Firefox, etc.);
- installation of broadband access points.
Has your account been hacked? Cyberpolice explained what to doOct 24 2024, 04:57 PM • 21111 views