Ukrainian Troops Targeted in Phishing Attacks by Suspected Belarusian APT
Ukraine's Computer Emergency Response Team calls out UNIC1151 nation-state hacking group out of Belarus as behind the attacks.
A fresh wave of phishing attacks targeting the Ukrainian military appears to be the handiwork of the UNC1151 military hacking team out of neighboring nation Belarus, according to the Ukraine Computer Emergency Response Team (CERT).
The email — sent to victims' personal email accounts — attempts to lure the recipient to click on a malicious link that then siphons their email messages and address books to further spread the phishing campaign. UNC1151 traditionally has waged attacks for cyber-espionage purposes, according to Mandiant, and comes at a time of high cyber alert in Ukraine and elsewhere.
"Mass phishing emails have recently been observed targeting private 'i.ua' and 'meta.ua' accounts of Ukrainian military personnel and related individuals. After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages. Later, the attackers use contact details from the victim’s address book to send the phishing emails," the CERT posted on its social media account, according to a report from Reuters.
About the Author(s)
You May Also Like
Beyond Spam Filters and Firewalls: Preventing Business Email Compromises in the Modern Enterprise
April 30, 2024Key Findings from the State of AppSec Report 2024
May 7, 2024Is AI Identifying Threats to Your Network?
May 14, 2024Where and Why Threat Intelligence Makes Sense for Your Enterprise Security Strategy
May 15, 2024Safeguarding Political Campaigns: Defending Against Mass Phishing Attacks
May 16, 2024
Black Hat USA - August 3-8 - Learn More
August 3, 2024Cybersecurity's Hottest New Technologies: What You Need To Know
March 21, 2024