Ukraine's governmental computer emergency response team CERT-UA warned of a new cyberattack. Attackers mass-send letters with the subject “Consolidated Official Humanitarian Report. Ukraine”, according to the State Special Communications Service in Telegram.

[see_also ids\u003d"

Letters are sent from compromised e-mail boxes of state bodies. They contain an attachment in the form of an XLS document entitled " xls"

This document contains a macro that, when activated, will run the baseupd file.. exe. Executing the file will cause the computer to be infected by the Cobalt Strike Beacon malware..

The attack is linked to the UAC-0056 group, which is also considered responsible for the cyber attack committed last week..

CERT-UA specialists take measures to establish the circumstances of compromised email accounts, as well as blocking the malware control server. For enhanced security, it is highly recommended to use multi-factor authentication for email.

Recall that earlier experts recorded an attack that was carried out by sending letters with “vacancies in a specialized prosecutor's office”.