The Government Emergency Response Team of Ukraine CERT-UA, operating under Gosspetssvyaz, reported the distribution of dangerous e-mails with the subject “Unified Official Report on the Humanitarian Situation. Ukraine”.
“The letters come from compromised e-mail addresses of state structures of Ukraine and contain attachments entitled “Humanitarian catastrophe of Ukraine since February 24, 2022″ in the form of an XLS document,” the press service of Gosspetssvyaz reported on Monday.
“The document contains a macro, the activation of which will lead to the launch of the file “baseupd.exe”, its execution will lead to the defeat of the computer by the malicious program Cobalt Strike Beacon”, – warned experts.
Activity is tracked by identifier UAC-0056. Gosspetssvyaz noted that these attackers had already carried out a cyberattack last week.