August 21, 2024 By Pierluigi Paganini
The Computer Emergency Response Team of Ukraine (CERT-UA) warned of new phishing attacks, carried out by the Vermin group, distributing malware.
The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign conducted by the Vermin group that distributed malware.
Vermin is a pro-Russian hacker group, also tracked as UAC-0020, that operates under the control of the law enforcement agencies of the temporarily occupied Luhansk.
The threat actor is using lures related to Ukraine’s offensive across the border.
The phishing messages include images of alleged prisoners of war from the Kursk region; the content is crafted to trick recipients into clicking a link pointing to a ZIP archive (“spysok_kursk.zi”).

The ZIP archive contains a Microsoft Compiled HTML Help (CHM) file that includes JavaScript code, which executes an obfuscated PowerShell script.
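
A triage check for the delivery chain described above, added here as an example and not taken from the article or from CERT-UA: it flags CHM files inside a ZIP attachment by their `ITSF` file signature, so a renamed member is still caught, and it descends into nested archives. The function names, size and depth limits, and the sample archive are assumptions constructed for illustration.

```python
import io
import zipfile

CHM_MAGIC = b"ITSF"            # first four bytes of a Compiled HTML Help file
ZIP_MAGIC = b"PK\x03\x04"      # local file header of a non-empty ZIP
MAX_DEPTH = 3                  # recursion limit for nested archives
MAX_MEMBER = 50 * 1024 * 1024  # skip members declaring more than 50 MiB

def find_chm_members(data, depth=0, prefix=""):
    """Return [(member_path, reason)] for CHM files inside ZIP bytes."""
    hits = []
    try:
        zf = zipfile.ZipFile(io.BytesIO(data))
    except zipfile.BadZipFile:
        return hits
    with zf:
        for info in zf.infolist():
            path = prefix + info.filename
            named_chm = info.filename.lower().endswith(".chm")
            if info.is_dir() or info.file_size > MAX_MEMBER:
                continue
            if info.flag_bits & 0x1:
                # Encrypted member: content is unreadable, judge by name only.
                if named_chm:
                    hits.append((path, "chm extension, encrypted member"))
                continue
            with zf.open(info) as fh:
                head = fh.read(4)
                if head == CHM_MAGIC:
                    reason = "chm magic" if named_chm else "chm magic, misleading extension"
                    hits.append((path, reason))
                elif head == ZIP_MAGIC and depth < MAX_DEPTH:
                    hits += find_chm_members(head + fh.read(), depth + 1, path + "!")
    return hits

def build_sample():
    """Constructed sample: placeholder bytes behind the CHM signature, no real help file."""
    fake_chm = CHM_MAGIC + b"\x00" * 60
    inner = io.BytesIO()
    with zipfile.ZipFile(inner, "w") as z:
        z.writestr("help.chm", fake_chm)
    outer = io.BytesIO()
    with zipfile.ZipFile(outer, "w") as z:
        z.writestr("readme.txt", b"hello")
        z.writestr("list.chm", fake_chm)
        z.writestr("photo.jpg", fake_chm)
        z.writestr("inner.zip", inner.getvalue())
    return outer.getvalue()

if __name__ == "__main__":
    for path, reason in find_chm_members(build_sample()):
        print(f"{path}: {reason}")
```

A mail gateway or sandbox pre-filter can quarantine any archive for which this returns a non-empty list, since CHM files are rarely a legitimate e-mail attachment.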