Security News > 2023 > May > Cyber Attacks Strike Ukraine's State Bodies in Espionage Operation
The Computer Emergency Response Team of Ukraine has warned of cyber attacks targeting state bodies in the country as part of an espionage campaign.
In the attack chain described by the agency, the emails targeted an unspecified ministry and purported to be from the Embassy of Tajikistan in Ukraine.
It's worth noting that DownEx was recently documented by Bitdefender as being used by an unknown actor in highly targeted attacks aimed at government entities in Kazakhstan and Afghanistan.
The findings show that some threat actors are still employing macro-based malware despite Microsoft disabling the feature by default in Office files downloaded from the web.
"The experimentation with and regular pivoting to new payload delivery techniques by tracked threat actors, especially IABs, is vastly different from attack chains observed prior to 2022 and heralds a new normal of threat activity," the company said.
"No longer are the most experienced cybercriminal actors relying on one or a few techniques, but rather are frequently developing and iterating new TTPs. The rapid rate of change for many threat actors suggests they have the time, capability, and understanding of the threat landscape to rapidly develop and execute new techniques."
News URL
https://thehackernews.com/2023/05/cyber-attacks-strike-ukraines-state.html
Related news
- 7-Zip MotW bypass exploited in zero-day attacks against Ukraine (source)
- RA World Ransomware Attack in South Asia Links to Chinese Espionage Toolset (source)
- Chinese espionage tools deployed in RA World ransomware attack (source)
- Zero-Day Alert: Google Releases Chrome Patch for Exploit Used in Russian Espionage Attacks (source)