On Aug. 12, Ukraine’s Computer Emergency Response Team (CERT-UA) discovered a mass distribution of emails carrying malicious software posing as the country’s Security Service (SSU).
The emails contain a link to download a file called “Document.zip” that, once clicked on, triggers a download of the MSI-file. This file launches a malware called ANONVNC that, when opened, allows attackers to gain unauthorized access to a victim’s device.
CERT-UA has identified more than 100 affected devices within central and local government bodies and urges everyone to be cautious and attentive. It recommends that users contact CERT-UA if suspicious of any activity.
The activity is tracked as UAC-0198, and CERT-UA is taking measure to mitigate the threat.
https://eu-images.contentstack.com/v3/assets/blt6d90778a997de1cd/blt483f011036db21f8/66ba488df9b09cfb14f2b975/fishhook1800_Feng_Yu_alamy.jpg?disable=upscale&width=1200&height=630&fit=crop