The Government Computer Emergency Response Team of Ukraine CERT-UA, which operates under the State Special Communications Service, reports increased activity of the UAC-0184 group, which is trying to gain access to military computers to steal documents and messengers data.
This was reported by the State Special Communications Service.
Thus, the attackers use popular messengers, social networks and other platforms for dating and communication to spread malware. Their methods include:
- bait messages: for example, about the opening of enforcement proceedings/criminal cases
- videos of military operations;
- request for acquaintance, etc;
- files (archives) with a request for assistance in opening/processing them.
According to the agency, the attackers use such malware to steal and download data from a computer, including messages and contact details of the Signal messenger, which is quite popular among the military.
"Any reckless online activity by a serviceman (for example, publishing a photo in military uniform) makes it easier for attackers to identify priority targets for attacks," the agency said.