ua en ru

Russian hackers attack Ukraine and Poland with emails titled 'SBU request'

Russian hackers attack Ukraine and Poland with emails titled 'SBU request' Photo: Russian hackers attack Ukraine and Poland (Getty Images)

Russian hackers have once again targeted users in Ukraine and Poland. This time, the attackers used phishing emails with links to "documents," according to the State Special Communications Service and Information Protection of Ukraine.

The country identified the sending of emails by the APT28 group between December 15 and 25. The emails contained links to "documents," visiting which led to the infection of the computer with malicious programs.

Apart from users in Ukraine, organizations in Poland also became the targets of the attack.

"Based on a combination of tactics, techniques, procedures, and tools, the activity is associated with the APT28 group," the service reported.

According to the State Special Communications Service, the malicious intent involves taking measures to develop a cyber attack on the entire information and communication system of the organization. Thus, compromising any computer can pose a threat to the entire network.

The service reported that emails with the subject SBU Request and an attachment in the form of a Documents.zip archive were detected. The archive, protected by a password, contained a split into three parts RAR archive Request.rar. The last part contains the executable file Request.exe. Opening such an archive and running the executable files can lead to the computer being infected with the RemcosRAT program.

Cyber attacks on Russia

Recently, cyber units of the Main Intelligence Directorate of Ukraine carried out another successful special operation on the territory of Russia. This time, it was an attack on the tax system of the aggressor state.

Thanks to the work of military intelligence, internet traffic of tax data across the entire territory of Russia fell into the hands of Ukrainian military intelligence. Russians tried in vain to restore the operation of their tax service for more than four days.

It was also reported that Ukrainian intelligence conducted a cyber operation against Rosaviatsiya, obtaining secret documents revealing the aviation collapse in Russia.