Hacking groups are targeting Ukrainian defense and military companies with phishing attacks, Ukraine’s Computer Emergency Response Team (CERT-UA) said in a report released over the weekend.
CERT did not reveal who was behind the hacking group, identifying it as UAC-0185, also known as UNC4221. But earlier this year, a cybersecurity firm linked the group to the Russian government.
Contact us
Do you have more information about the cyberattack against Ukraine? Or was this another attack carried out by Russian government hackers? For non-work devices, you can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, on Telegram and Keybase @lorenzofb or via email. You can also contact TechCrunch through SecureDrop.
The hackers sent the emails impersonating the Union of Ukrainian Industrialists and Entrepreneurs (ULIE), which calls itself “Ukraine’s largest union of business organizations and economic entities.” According to CERT-UA, the email was designed to look like an invitation to an actual conference held in Kiev last week and was sent ahead of the conference.
According to CERT-UA, hackers are targeting employees working in the Ukrainian defense industry and the Defense Forces.
Cybersecurity publication The Record has more details about this hacking campaign and group.
