Ukraine recorded at least three cyberattacks in March targeting government agencies and critical infrastructure with new spying malware. The attacks were carried out using previously unknown malware — dubbed Wrecksteel — deployed through phishing emails, according to a report released on Thursday by Ukraine’s computer emergency response team (CERT-UA). The hackers used compromised accounts to send messages containing links to public file-sharing services such as DropMeFiles and Google Drive. When opened, the links executed a PowerShell script, enabling attackers to extract text documents, PDFs, images, and presentations, as well as take screenshots of infected devices.
Hackers hit Ukrainian state agencies, critical infrastructure with new ‘Wrecksteel’ malware (Daryna Antoniuk, The Record)
Related articles
