The Technology section is published with the support of Favbet Tech
Specialists of the government emergency response team of Ukraine CERT-UA using Trendmicro investigated a series of cyber attacks aimed at military personnel of the Ukrainian Armed Forces.
Trendmicro specialists discovered suspicious activity at the end of 2023 and reported it to CERT-UA. During these attacks, under the guise of recruiting for the 3rd Separate Assault Brigade and the Israel Defense Forces (IDF), attackers sent messages containing malware via the Signal messenger. Such messages contain archive files, the launch of which leads to infection of the computer with the REMCOSRAT and REVERSESSH malware. At the same time, the attackers try to make the names and contents of the archives interesting for the military – “interrogation of a prisoner,” “geolocation,” “encoding commands,” “call signs,” etc. Detailed information about the technical side of the attack is presented on the CERT-UA website.
Despite the use of publicly available tools (which may lead to the discovery of similarities with other attacks), the described activity according to other specific characteristics is a separate cluster of cyber threats and is tracked by the identifier UAC-0184.
CERT-UA reminds that if suspicious activity is detected on computers and information and communication systems of the Armed Forces of Ukraine, it is necessary to immediately inform the ITS Cyber Security Center (military unit A0334; email: [email protected]) .
The Technology section is published with the support of Favbet Tech
Favbet Tech is IT a company with 100% Ukrainian DNA, which creates perfect services for iGaming and Betting using advanced technologies and provides access to them. Favbet Tech develops innovative software through a complex multi-component platform that can withstand enormous loads and create a unique experience for players. The IT company is part of the FAVBET group of companies.