The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new wave of social engineering campaigns delivering IcedID malware and leveraging Zimbra exploits with the goal of stealing sensitive information.
Attributing the IcedID phishing attacks to a threat cluster named UAC-0041, the agency said the infection sequence begins with an email containing a Microsoft Excel document (Мобілізаційний реєстр.xls or Mobilization Register.xls) that, when opened, prompts the user to enable macros, leading to the deployment of IcedID.
The information-stealing malware, also known as BokBot, has followed a similar trajectory to that of TrickBot, Emotet, and ZLoader, evolving from its earlier roots as a banking trojan to a full-fledged crimeware service that facilitates the retrieval of next-stage implants such as ransomware.
The intrusions are a continuation of malicious cyber activities targeting Ukraine since the start of the year. Recently, CERT-UA also disclosed that it had foiled a cyberattack by Russian adversaries to sabotage the operations of an unnamed electrical power provider in the country.