Ukraine warns of new phishing campaign targeting its critical infrastructure
Ukraine alerts about a new phishing campaign threatening critical infrastructure with Cuba Ransomware. Emails impersonate military sources and lead victims to malware, reportedly tied to Tropical Scorpius threat actor.
The Computer Emergency Response Team of Ukraine (CERT-UA) reported the spread of phishing emails targeting critical infrastructure with Cuba Ransomware. The operations are linked to the threat actor ‘Tropical Scorpius’.
As explained by CERT-UA Team, phishing emails impersonated the Press Service of the General Staff of the Armed Forces of Ukraine, enticing recipients to click a link. After clicking on a link, victims are lured to update the PDF Reader software to read the embedded document. Upon clicking the ‘DOWNLOAD’ button, victims are infected with malware known as ‘ROMCOM RAT.’
About author
DW Team
The GIP Digital Watch Observatory team, consisting of over 30 digital policy experts from around the world, excels in the fields of research and analysis on digital policy issues. The team is backed by the creative prowess of Creative Lab Diplo and the technical expertise of the Diplo tech team.