A zip attachment contains an img with an exe: the malware. The other, a pdf that downloads a zip with an exe: the same malware. The data is exfiltrated via SMTP.
Ukraine is again under a foreign cyber offensive. Maybe Made in Moscow

Ukraine is again under a foreign cyber warfare offensive, Kiev’s cyber police chief told Reuters. Hackers from Russia are infecting local companies with malicious software to create “back doors” for a large, coordinated cyber attack. The targets include banks and energy infrastructure firms, in a rollout that suggests they are preparing to activate the malware in one massive strike, cyber police chief Serhiy Demedyuk said. Ukrainian police are working with foreign authorities to identify the hackers, Demedyuk added. Moreover, cyber security experts explain that the risk of a catastrophe is not limited to the country. According to the researchers, it is difficult to contain the impact of a cyber warfare aggression within one nation, so it is possible that this new threat could spread around the globe. In fact, the scale of the current campaign is the same as NotPetya.
Serhiy Demedyuk: 99% of the traces come from Russia. The cyber security experts: It’s possible that this new threat could spread around the globe
Since the start of 2018, Ukrainian police have identified viruses in phishing emails sent from legitimate domains of state institutions whose systems were hacked, and in fake webpages mimicking those of a real state body, Reuters reported. Hackers have sought to evade detection by breaking malware into separate files, which are put onto targeted networks before being activated, Demedyuk said. “Analysis of the malicious software that has already been identified and the targeting of attacks on Ukraine suggest that this is all being done for a specific day,” he said. In the past, some cyber warfare aggressions have coincided with major Ukrainian holidays. Demedyuk said another strike could be launched on Thursday — Constitution Day — or on Independence Day in August. For Kiev, the culprit is Moscow’s cyber army. “Everything we’re seeing, everything we’ve intercepted in this period: 99 percent of the traces come from Russia,” the cyber police chief concluded.