In July, cybercrime significantly increased in Ukraine. Hackers are targeting the personal data of citizens; for this purpose, they have, among other things, forged the UKR.NET website.
The government’s Emergency Computer Response Center CERT-UA has reported a rise in attacks by the hacker group UAC-0102. Their goal is to steal UKR.NET accounts. The attackers are particularly interested in tax officials, employees of government agencies, military personnel, and workers from other organizations and enterprises.
A common tactic involves emails with attachments in the form of HTML files that mimic web pages. Hackers exploit the lower security of public email services compared to corporate ones.
Upon opening the attached file, the victim is redirected to a site that looks like the UKR.NET page, which is, in fact, a phishing site. Any logins, passwords, and other information entered are captured by the attackers.
CERT-UA recommends several steps to protect against such attacks:
- Enabling two-factor authentication wherever possible.
- Avoiding the use of public email from work computers and networks.
- Implementing tools to redirect emails to a more secure corporate email system.
Sources: State Special Communication and Information Protection Service, CERT-UA
Comments (0)
There are no comments for now