Hacker group UAC-0185 attempted to attack Ukrainian defense enterprises and security and defense forces.
Hacker group UAC-0185 made an attempt to attack Ukrainian defense enterprises and security and defense forces.
The government team for responding to computer emergency events of Ukraine CERT-UA, which operates under the State Special Communications, recorded new cyber attacks.
The UAC-0185 hacker attack began with phishing emails disguised as official messages from the Ukrainian Union of Industrialists and Entrepreneurs. They were talking about an invitation to a conference dedicated to the transition of products of domestic enterprises of the defense-industrial complex to NATO technical standards, which was held on December 5 in Kyiv.
The email contained the hyperlink "The attachment contains important information for your participation." Clicking on this link and subsequently opening the attached files could lead to computer infection.
The UAC-0185 group has been active since at least 2022. Hackers focused on stealing the credentials of the messengers Signal, Telegram, WhatsApp and military systems DELTA, TENETA, and NETTLE. Less often, cyberattacks were carried out to obtain unauthorized remote access to the computers of employees of defense enterprises and representatives of the security and defense forces.
We will remind that according to the Microsoft Digital Defense Report, 600 million cyberattacks are recorded in the world every day .
In October, a wave of phishing attacks targeting accountants of Ukrainian enterprises was recorded. In September, hackers tried to gain access to the military systems GRISELDA and "Ochi" through the smartphones of soldiers of the Armed Forces of Ukraine . A month earlier, the UAC-0020 (Vermin) group, associated with law enforcement agencies, at. Luhansk, sent e-mails with photos of fake prisoners of war from the Kursk region .
