Ukraine’s Computer Emergency Response Team, or CERT-UA, reports that it has successfully stopped a cyber attack against an unnamed critical energy infrastructure facility.
The agency says the attack started with a phishing email containing a link to a malicious ZIP archive that activates the infection chain.
When a CMD file is run, several decoy web pages are opened, several .bat and .vbs files are created, and a VBS file is launched, which in turn executes the BAT file.
CERT-UA said the attack was ultimately unsuccessful because access to Mocky and the Windows Script Host was restricted.
It’s worth noting that APT28 has been linked to the use of the Mocky APIs in the past.
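The process chain described above (a CMD file starting a VBS file, which then runs a BAT file) can be hunted for in process-creation logs. The following is an added example, not code from CERT-UA or from this article; the event layout, file names and paths are constructed placeholders, not indicators from the report.

```python
import re

# Constructed process-creation events (pid, parent pid, image, command line).
# File names, paths and the decoy URL are placeholders, not real indicators.
EVENTS = [
    {"pid": 100, "ppid": 1, "image": "explorer.exe", "cmd": "explorer.exe"},
    {"pid": 200, "ppid": 100, "image": "cmd.exe",
     "cmd": r'cmd.exe /c "C:\Users\u\Downloads\sample.cmd"'},
    {"pid": 210, "ppid": 200, "image": "msedge.exe",
     "cmd": "msedge.exe https://decoy.example/page"},
    {"pid": 220, "ppid": 200, "image": "wscript.exe",
     "cmd": r'wscript.exe "C:\Users\u\AppData\Local\Temp\stage.vbs"'},
    {"pid": 230, "ppid": 220, "image": "cmd.exe",
     "cmd": r'cmd.exe /c "C:\Users\u\AppData\Local\Temp\stage.bat"'},
    # Benign batch job: no script-host parent, must not be flagged.
    {"pid": 300, "ppid": 100, "image": "cmd.exe",
     "cmd": r"cmd.exe /c C:\tools\build.bat"},
]

SCRIPT_HOSTS = {"wscript.exe", "cscript.exe"}  # Windows Script Host binaries

def runs(event, images, ext):
    """True if the event's image is in `images` and its command line names a file ending in `ext`."""
    return (event["image"].lower() in images
            and re.search(r"\.%s\b" % ext, event["cmd"], re.IGNORECASE) is not None)

def find_script_chains(events):
    """Return (cmd_pid, vbs_pid, bat_pid) for each CMD -> VBS -> BAT chain."""
    by_pid = {e["pid"]: e for e in events}
    hits = []
    for bat in events:
        if not runs(bat, {"cmd.exe"}, "bat"):
            continue
        # The BAT file must have been started by a script host running a .vbs file.
        vbs = by_pid.get(bat["ppid"])
        if vbs is None or not runs(vbs, SCRIPT_HOSTS, "vbs"):
            continue
        # ...and that script host must itself descend from a .cmd launcher.
        launcher = by_pid.get(vbs["ppid"])
        if launcher is not None and runs(launcher, {"cmd.exe"}, "cmd"):
            hits.append((launcher["pid"], vbs["pid"], bat["pid"]))
    return hits

if __name__ == "__main__":
    print(find_script_chains(EVENTS))
```

On hosts where the Windows Script Host is restricted, as in the case CERT-UA describes, the `wscript.exe` step fails and the final BAT stage never appears, so a launcher with a blocked script-host child is itself worth alerting on.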