August 12, 2024 at 02:39PM
Ukraine’s CERT-UA discovered malicious software being distributed through emails impersonating the country’s Security Service. The emails contain a link to download a file triggering the ANONVNC malware, allowing attackers to access victims’ devices. More than 100 government devices have been affected, and users are advised to contact CERT-UA if suspicious. Measures are being taken to address the threat.
Key takeaways from the meeting notes are:
– Ukraine’s Computer Emergency Response Team (CERT-UA) discovered a mass distribution of emails containing malicious software posing as the country’s Security Service (SSU).
– The emails contain a link to download a file called “Document.zip” which triggers a download of the MSI-file. Opening this file launches a malware called ANONVNC, allowing attackers to gain unauthorized access to a victim’s device.
– More than 100 affected devices within central and local government bodies have been identified.
– CERT-UA recommends that users contact them if suspicious of any activity and urges everyone to be cautious and attentive.
– The activity is tracked as UAC-0198, and CERT-UA is taking measures to mitigate the threat.