HomeUpdateWarning from the ukraine’s computer emergency response team (CERT-UA)

Warning from the ukraine’s computer emergency response team (CERT-UA)

-

Last Updated on 26/02/2022 by Nidhi Khandelwal

Ukraine’s Computer Emergency Response Team (CERT-UA) has warned that Belarusian state-sponsored hackers are phishing its military members and connected individuals as part of the country’s military invasion by Russia.

Warning from the ukraine’s computer emergency response team (CERT-UA) 1

“Mass phishing emails targeting private ‘i.ua’ and meta.ua’ accounts of Ukrainian military officers and related individuals have lately been spotted,” the CERT-UA warned. “Once the account is compromised, the attackers gain access to all of the messages via the IMAP protocol.”

UNC1151 is the name given by Mandiant to an unclassified threat cluster that operates with goals aligned with those of the Belarusian government. Since at least 2016, the hacking organization is thought to have been active.

In a November 2021 report, Mandiant researchers stated, “UNC1151 has targeted a wide array of governmental and business sector organizations, with an emphasis in Ukraine, Lithuania, Latvia, Poland, and Germany.” “Belarusian dissidents, media outlets, and journalists are also being targeted.”

The state-backed cyber espionage group has also been linked to the Ghostwriter disinformation campaign, which spread anti-NATO and corruption-themed narratives aimed at the governments of Lithuania, Latvia, and Poland, with the likely goal of undermining the governments and inflaming regional tensions.

Warning from the ukraine’s computer emergency response team (CERT-UA) 2

UNC1151 is also suspected to be behind the January defacement attacks on various Ukrainian government websites with threatening messages.

Nidhi Khandelwal
Nidhi Khandelwal
Nidhi is a tech news/research contributor at TheDigitalHacker. She publishes about techno geopolitics, privacy, and data breach.
- Advertisment -

Must Read

This is how Russia is being punished for the war

0
The developer of the popular "node-ipc" NPM package published a new modified version to denounce Russia's invasion of Ukraine, sparking concerns about open-source and...