Ukrainian Troops Targeted in Phishing Attacks by Suspected Belarusian APT
Ukraine's Computer Emergency Response Team calls out UNIC1151 nation-state hacking group out of Belarus as behind the attacks.
A fresh wave of phishing attacks targeting the Ukrainian military appears to be the handiwork of the UNC1151 military hacking team out of neighboring nation Belarus, according to the Ukraine Computer Emergency Response Team (CERT).
The email — sent to victims' personal email accounts — attempts to lure the recipient to click on a malicious link that then siphons their email messages and address books to further spread the phishing campaign. UNC1151 traditionally has waged attacks for cyber-espionage purposes, according to Mandiant, and comes at a time of high cyber alert in Ukraine and elsewhere.
"Mass phishing emails have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related individuals. After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages. Later, the attackers use contact details from the victim’s address book to send the phishing emails," the CERT posted on its social media account, according to a report from Reuters.
About the Author
You May Also Like
The State of Attack Surface Management (ASM), Featuring Forrester
Nov 15, 2024Applying the Principle of Least Privilege to the Cloud
Nov 18, 2024The Right Way to Use Artificial Intelligence and Machine Learning in Incident Response
Nov 20, 2024Safeguarding GitHub Data to Fuel Web Innovation
Nov 21, 2024