New Hacking Campaign Targeting Ukrainian Government with IcedID Malware

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.

Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document (Мобілізаційний реєстр.xls or Mobilization Register.xls) that, when opened, prompts the users to enable macros, leading to the deployment of IcedID.

The information-stealing malware, also known as BokBot, has followed a similar trajectory to that of TrickBot, Emotet, and ZLoader, evolving from its earlier roots as a banking trojan to a full-fledged crimeware service that facilitates the retrieval of next-stage implants such as ransomware.

The second set of targeted intrusions relates to a new threat group dubbed UAC-0097, with the email including a number of image attachments with a Content-Location header pointing to a remote server hosting a piece of JavaScript code that activates an exploit for a Zimbra cross-site scripting vulnerability (CVE-2018-6882).

In the final step of the attack chain, the injected rogue JavaScript is used to forward victims’ emails to an email address under the threat actor’s control, indicating a cyber espionage campaign.
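For mail-gateway or mailbox triage, the delivery pattern described above (image attachments whose Content-Location header names a remote server) can be checked per message. The following is an added example, not code from CERT-UA or from this article; the function name `remote_content_locations`, the sample message, and the `example.test` hosts are constructed for illustration.

```python
# Added example: flag image MIME parts whose Content-Location names a remote URL.
from email import message_from_bytes, policy
from urllib.parse import urlparse

# Constructed sample message (not from the CERT-UA report); example.test is a placeholder.
SAMPLE_EML = b"""\
From: sender@example.test
To: user@example.test
Subject: constructed sample
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="b1"

--b1
Content-Type: text/plain; charset="utf-8"

See attached images.
--b1
Content-Type: image/jpeg; name="photo1.jpg"
Content-Location: http://remote.example.test/a.js

(constructed placeholder body)
--b1
Content-Type: image/png; name="logo.png"
Content-Location: logo.png

(constructed placeholder body)
--b1--
"""

def remote_content_locations(raw: bytes) -> list[dict]:
    """Return one finding per image part whose Content-Location is an absolute http(s) URL."""
    msg = message_from_bytes(raw, policy=policy.default)
    findings = []
    for part in msg.walk():
        if part.get_content_maintype() != "image":
            continue
        # policy.default unfolds the header; strip stray whitespace before parsing.
        location = str(part.get("Content-Location", "")).strip()
        url = urlparse(location)
        # A relative value such as "logo.png" is normal; an absolute remote URL is not.
        if url.scheme in ("http", "https") and url.hostname:
            findings.append({"filename": part.get_filename(),
                             "location": location,
                             "host": url.hostname})
    return findings

if __name__ == "__main__":
    for finding in remote_content_locations(SAMPLE_EML):
        print(finding)
```

A relative Content-Location on an image part is ordinary MIME usage, so only absolute http(s) values are reported; findings are a triage signal to correlate with the sender and the referenced host, not a verdict on their own.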

The incursions are a continuation of malicious cyber activities targeting Ukraine since the start of the year. Recently, CERT-UA also disclosed that it had foiled a cyberattack by Russian adversaries to sabotage the operations of an unnamed energy provider in the country.
