Search the site...


Russian Spear Phishing Campaign Hits Ukraine


Ukrainian cyber security agencies have warned that their government and private organizations are being targeted by a massive spear phishing campaign launched by Russian threat actors. 

The Ukrainian secret service has called this the work of ‘special services of the Russian Federation. It is noteworthy that this is the third cyber attack coming from the Russian side to target Ukrainian organizations this year.

Get in!

Join our weekly newsletter and get the latest cybersecurity updates delivered directly to your inbox

The Sequence of the Attack

It is believed that the spear phishing campaign started in early June. Alerts were released by the Ukrainian Secret Service, Ukrainian Cyber Police, and CERT Ukraine regarding the same.

The attackers impersonated the Kyiv Patrol Police Department. They have sent out fraudulent emails that warn the recipients of their failure to pay taxes.

Russian Spear-phishing campaign hits Ukraine
(Source – CERT-UA)

The people who received the emails reported that they were urged to download a RAR archive (included in the email). On decompression, this drops a fake pdf file, which in reality is a double extension EXE file (filename.pdf.exe).

Victims unknowingly installed a modified version of a remote access software named RemoteUtilities that would ping back to remote command and control servers present in Russia, Germany, and the Netherlands.

CERT officials have said that these attacks used tactics similar to those used in the attacks carried out in January and March.

Ever since tensions boiled after changes in the geopolitical situation between Russia and Ukraine in 2014, Ukraine has been a target of many cyber attacks. Moreover, they have attributed many of these attacks to the Kremlin.

What's next

A Guide To “What is Clone Phishing?”

You must be receiving official emails from your service providers very often. While you find those emails annoying, hackers...

Ransomware Cost to Grow Exponentially to Reach $265 Billion by 2031

The footprint of ransomware has been growing globally in terms of both impact and payouts for attackers. However, it...

Outbound Email Security Policy

Today, almost every organization in the Middle East uses emails as a primary means of communication. But the question...

Post a comment

Your email address will not be published.

No Comments