CERT-UA Warns of SmokeLoader and RoarBAT Attacks Against Ukraine


CERT-UA Warns of SmokeLoader and RoarBAT Attacks Against Ukraine

An invasively phishing campaign with invoice-themed lures is being used to distribute the SmokeLoader malware in the form of a polyglot file, according to the Computer Emergency Response Team of Ukraine (CERT-UA.

The JavaScript code is then used to launch an executable that paves for the execution of the smoke loader malware.

In a related advisory, Ukraine’s cybersecurity authority also revealed details of destructive attacks orchestrated by a group known as UAC-0165 against public sector organizations.

This, in turn, was achieved by archiving the identified files using the -df command-line option and subsequently purging the created archives.

Access to the ICS target of the attack is allegedly obtained by connecting to a VPN using compromised authentication data.

#shorts #techshorts #technews #tech #technology #destructive attacks #attack #CERT-UA

👋 Feeling the vibes?

Keep the good energy going by checking out my Amazon affiliate link for some cool finds! 🛍️

If not, consider contributing to my caffeine supply at Buy Me a Coffee ☕️.

Your clicks = cosmic support for more awesome content! 🚀🌈


Leave a Reply

Your email address will not be published. Required fields are marked *