Dozens of infected computers: the State Service of Special Communications and Information Protection of Ukraine told about the consequences of fraudulent mailing from the alleged SES

Dozens of infected computers: the State Service of Special Communications and Information Protection of Ukraine told about the consequences of fraudulent mailing from the alleged SES

Kyiv  •  UNN

January 22 2024, 12:21 PM • 22808 views

According to the State Special Communications Service, dozens of Ukrainians downloaded virus files to their computers through fake emails allegedly sent by the SES.

Dozens of Ukrainians were able to download virus files to their computers as a result of a fake mailing of letters allegedly on behalf of the State Emergency Service.This was reported by the press service of the State Special Communications Service, UNN reports.

Details

The State Special Communications Service recorded a massive mailing of letters with the subject lines "Information from the State Special Communications Service of Ukraine" and "State Emergency Service of Ukraine", allegedly from the State Special Communications Service and the State Emergency Service of Ukraine, respectively.

As explained by experts , the emails contain links to archives hosted on the BitBucket service. They, in turn, contain SFX archives, opening of which will lead to the installation of Remote Utilities remote control program on the system and display a "decoy".

Russian hackers attacked Microsoft: hacked corporate emails of the corporation's employeesJanuary 20 2024, 10:11 AM • 64700 views

It is noted that in the case of the mailing on behalf of the State Special Communication Service, the legitimate CCleaner program "to remove the virus from the computer" was used as a "bait", and in the mailing on behalf of the SES, an image with an "evacuation plan" was used.

Image

According to Bitbucket statistics, starting from 23:00 on January 21, 2024 to 10:30 on January 22, 2024, malicious files were downloaded more than 3000 times. The number of successfully infected computers can reach several dozen, for the vast majority of which CERT-UA has taken measures to counter the cyber threat

- the agency summarized.

Addendum

The State Service for Special Communications also noted that the UAC-0050 group recently sent out letters regarding "legal claims" and "debts." The attack targeted users from Ukraine and Poland.

The UAC-0050 group also attempted to steal data by disguising themselves as the Ukrainian Foreign Ministry, the Security Service of Ukraine, the Pechersk Court, and Ukrtelecom.

Last year, emails with malicious attachments were also sent out allegedly on behalf of the State Emergency Service, the press service of the General Staff of the Armed Forces of Ukraine, the Security Service of Ukraine, the State Special Communications Service, and even CERT-UA.

Recall

Today, on January 22, the State Emergency Service warned Ukrainians about fraudulent messages from the alleged SES. 

The agency noted that they did not send out these messages and that it was extremely dangerous to follow the links.