In July, cybercrime in Ukraine intensified significantly. Hackers are hunting for personal data of citizens — for this purpose, in particular, they have faked the website UKR.NET
The government’s Computer Emergency Response Center CERT-UA has recorded an increase in attacks by the UAC-0102 hacker group. Their goal is to hijack UKR.NET accounts. The attackers are interested in tax officials, government employees, military personnel and employees of other organizations and enterprises.
A common method is emails with attachments in the form of HTML files that imitate web pages. Hackers take advantage of the lower security of public email services compared to corporate ones
After opening the attached file, the victim is taken to a website that looks like a UKR.NET page — in fact, it is a phishing site. The entered logins, passwords, and other data are passed to the attackers.
CERT-UA recommends several steps to protect against attacks:
Sources: State Special Communications Service, CERT-UA