Security News > 2022 > March > Ukrainian CERT Warns Citizens of Phishing Attacks Using Compromised Accounts

Ukraine's Computer Emergency Response Team warned of new phishing attacks aimed at its citizens by leveraging compromised email accounts belonging to three different Indian entities with the goal of compromising their inboxes and stealing sensitive information.
"In this way, they gain access to the email inboxes of Ukrainian citizens."
Interestingly, TVS Rubber is an automotive company based out of the Indian city of Madurai, suggesting that attacks leveraged an already compromised email account to distribute the phishing emails.
"All these mailboxes have been compromised and are being used by the Russian Federation's special services to carry out cyberattacks on Ukrainian citizens," the agency said.
The development comes as the NATO nations unanimously voted to admit Ukraine to the Cooperative Cyber Defence Centre of Excellence as a "Contributing Participant," as Russia's military invasion of the country continued well into the second week and cyber attacks have rained down on government and commercial targets.
"Ukraine's presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations. Ukraine could bring valuable first-hand knowledge of several adversaries within the cyber domain to be used for research, exercises and training," Col Jaak Tarien, director of CCDCOE, said in a statement.
News URL
https://thehackernews.com/2022/03/ukrainian-cert-warns-citizens-of.html
Related news
- CERT-UA Warns of UAC-0173 Attacks Deploying DCRat to Compromise Ukrainian Notaries (source)
- Ukrainian military targeted in new Signal spear-phishing attacks (source)
- Microsoft: Hackers steal emails in device code phishing attacks (source)
- Darktrace: 96% of Phishing Attacks in 2024 Exploited Trusted Domains Including SharePoint & Zoom Docs (source)
- Phishing attack hides JavaScript using invisible Unicode trick (source)
- FatalRAT Phishing Attacks Target APAC Industries Using Chinese Cloud Services (source)
- Hackers Exploit AWS Misconfigurations to Launch Phishing Attacks via SES and WorkMail (source)
- YouTube warns of AI-generated video of its CEO used in phishing attacks (source)
- CERT-UA Warns: Dark Crystal RAT Targets Ukrainian Defense via Malicious Signal Messages (source)
- Phishing platform 'Lucid' behind wave of iOS, Android SMS attacks (source)