Ukraine's Government Computer Emergency Response Team (CERT-UA) has recorded new cyberattacks against Ukrainian defense enterprises and security and defense forces, according to a statement from the State Service for Special Communications and Information Protection (SSSCIP).
"The attack began with phishing emails that were disguised as official messages from the Ukrainian Union of Industrialists and Entrepreneurs. They referred to an invitation to a conference dedicated to transitioning the production of domestic defense industry enterprises to NATO technical standards, which took place on December 5 in Kyiv," the SSSCIP said on Monday.
It was noted that the email contained a hyperlink labeled "The attachment contains important information for your participation." Clicking on this link and opening the attached files could lead to computer infection.
The SSSCIP reports that the attack was carried out by the UAC-0185 group, which has been actively operating since at least 2022. This group has focused on stealing credentials for Signal, Telegram, WhatsApp messengers, as well as military systems DELTA, TENET, and Kropyva. They have also conducted cyberattacks less frequently to gain unauthorized remote access to the computers of defense enterprise employees and security and defense representatives.
