Ukraine government networks under renewed cyber-attack

The State Service for Special Communications and Information Protection in Ukraine has said that government networks are under renewed cyber-attack.

The Computer Emergency Response Team of Ukraine CERT-UA, has issued a warning about new phishing e-mails being sent across government networks with the topic (in Ukrainian) “No.1275 of Apr 7, 2022″. The warning was made online on the department’s official Facebook page.

According to the notice, the emails open an HTML file that creates an archive with a file called “On the persecution and murder of prosecutors by the Russian military in the temporarily occupied territories.”

When that link is opened it allows hackers to gain full control over the affected computer and steal sensitive data, as well as damage files and computer systems..

It is believed to be run by the UAC-0010 (Armageddon) group, which has repeatedly been exposed on attacks on government websites both in Ukraine and across the EU.

The CERT-UA team warns that the group of hackers uses the Dynamic DNS service NO-IP. Therefore, it is necessary to pay special attention to the connection with domain names used by the mentioned service.

As Ukrinform reported earlier, since the start of the full-scale aggression by Russia, more than 120 powerful cyber-attacks on Ukrainian government and military resources have been promptly detected and neutralised.

Ukraine government networks have been under constant attack both prior to and now during the Russian invasion, as it once again is under renewed cyber-attack.

Thank you for taking the time to read this article, do remember to come back and check The Euro Weekly News website for all your up-to-date local and international news stories and remember, you can also follow us on Facebook and Instagram.