Chinese Hacker Scarab Targets Ukrainian System, CERT-UA Warns

This article has been indexed from CySecurity News – Latest Information Security and Hacking Incidents

Ukraine’s Computer Emergency Response Team (CERT-UA) released evidence last week regarding a malicious campaign tracked as UAC-0026, which SentinelLabs associated with the China-linked Scarab APT threat actors.

Scarab APT was first spotted in 2015, but researchers believe it has been active since at least 2012, conducting surgical assaults against multiple nations across the globe, including Russia and the United States. 

The threat actors are targeting the Ukrainian system with phishing messages that carry weaponized documents deploying the HeaderTip malware. The phishing messages use a RAR archive titled “On the preservation of video recordings of the criminal actions of the army of the Russian Federation.rar”, which contains an EXE file of the same name. The malicious document used in the campaign spotted by CERT-UA mimics the National Police of Ukraine.

“Running the executable file will create a lure document ‘# 2163_02_33-2022.pdf’ on the computer (applies to a letter from the National Police of Ukraine), as well as a DLL file with the MZ header ‘officecleaner.dat’ and the BAT file ‘o

[…]