CERT-UA has detected a massive malicious message campaign under the guise of integration with Amazon and Microsoft. The attacks targeted government agencies, businesses, and military formations and may have been prepared since August 2024.

The Computer Emergency Response Team of Ukraine (CERT-UA) has detected a massive distribution of malicious messages under the guise of integration with Amazon and Microsoft services and the implementation of zero-trust architecture. Government agencies, enterprises and military formations were targeted. UNN reports this with reference to the State Special Communications Service.

Details

According to the State Service of Special Communications, the emails contain attachments in the form of files with the ".rdp" extension, which, when launched, will allow hackers to access disks, audio devices and other resources on the local computer. They will also be able to run third-party programs/scripts on the victim's computer.

It is likely that the cyberattacks have been prepared since at least August 2024 and are not limited to Ukraine

– the State Special Communications Service added.

Addendum

If you suspect that you may have become a victim of an attack, contact CERT-UA:

E-mail: [email protected],

Tel. +38 (044) 281-88-25.

Recall

On October 16, it was reported that malware was being distributed via Telegram, allegedly from the technical support of the "Reserve+" application.