Security News > 2022 > March > Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts
Ukraine's Computer Emergency Response Team warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information.
"In this way, they gain access to the email inboxes of Ukrainian citizens."
Interestingly, TVS Rubber is an automotive company based out of the Indian city of Madurai, suggesting that attacks leveraged an already compromised email account to distribute the phishing emails.
"All these mailboxes have been compromised and are being used by the Russian Federation's special services to carry out cyberattacks on Ukrainian citizens," the agency said.
The development comes as the NATO nations unanimously voted to admit Ukraine to the Cooperative Cyber Defence Centre of Excellence as a "Contributing Participant," as Russia's military invasion of the country continued well into the second week and cyber attacks have rained down on government and commercial targets.
"Ukraine's presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations. Ukraine could bring valuable first-hand knowledge of several adversaries within the cyber domain to be used for research, exercises and training," Col Jaak Tarien, director of CCDCOE, said in a statement.
News URL
https://thehackernews.com/2022/03/ukrainian-cert-warns-citizens-of.html
Related news
- CERT-UA Warns of Phishing Attacks Targeting Ukraine’s Defense and Security Force (source)
- Midnight Blizzard Escalates Spear-Phishing Attacks On Over 100 Organizations (source)
- Windows infected with backdoored Linux VMs in new phishing attacks (source)
- Phishing-as-a-Service "Rockstar 2FA" Targets Microsoft 365 Users with AiTM Attacks (source)
- GenAI makes phishing attacks more believable and cost-effective (source)
- Inside the incident: Uncovering an advanced phishing attack (source)
- Ongoing phishing attack abuses Google Calendar to bypass spam filters (source)