CERT-UA Alerts Ukrainian State Authorities of Remcos Software-Fueled Cyber Attacks

2023-02-08 06:16

The Computer Emergency Response Team of Ukraine has issued an alert warning of cyber attacks against state authorities in the country that deploy a legitimate remote access software named Remcos.

The bogus emails that kick-start the infection sequence claim to be from Ukrainian telecom company Ukrtelecom and come bearing a decoy RAR archive.

Of the two files present in the file, one is a password-protected RAR archive that's over 600MB and the other is a text file containing the password to open the RAR file.

Embedded within the second RAR archive is an executable that leads to the installation of the Remcos remote access software, granting the attacker full access to commandeer compromised computers.

Remcos, short for remote control and surveillance software, is offered by Breaking Security either for free or as a premium version that costs anywhere between €58 and €945.

The latest CERT-UA advisory comes as the State Cyber Protection Centre of Ukraine pointed fingers at a Russian state-sponsored threat actor known as Gamaredon for its targeted assaults aimed at public authorities and critical information infrastructure.

News URL

https://thehackernews.com/2023/02/cert-ua-alerts-ukrainian-state.html

#attack #cert #ukrainian