The government Computer Emergency Response Team (CERT-UA) has observed a phishing campaign designed to spy upon Ukrainian officials.
CERT-UA recorded a mass distribution of emails spoofing Ukrtelecom, a local telecommunications company.
A victim finds an email in his inbox with "Court claim against your personal account" in the subject line. A RAR archive disguised as a court letter containing information on the alleged debt is attached to the email.
Once victims try to open the archive, they get redirected to an EXE file that installs the Remcos remote monitoring and surveillance program developed by BreakingSecurity.
Remcos is a tool designed to "remotely control your computers, anywhere in the world." It has a freeware version, and its premium cost is around 60 euros.
This is not a new strategy to target victims – CERT-UA has been tracking the activity since at least 2020.
"Based on the fact that the objects of cyberattacks are usually (but not exclusively) the state authorities of Ukraine, and also, taking into account the functionality of the programs used, we believe that the activity is carried out for the purpose of espionage," CERT-UA said.
More from Cybernews:
Targeting SpaceX’s Starlink in war is fair game, space warfare expert claims
China’s Google joins ChatGPT rivalry, introduces own AI chatbot
Microsoft's Bing and Edge get ChatGPT makeover, Google AI rivalry heats up
Apple may upgrade iPhones with reverse charging – years after Android phones
Linux targeted by Russian-linked ransomware for first time, says cyber watchdog
Subscribe to our newsletter
Your email address will not be published. Required fields are marked