The letters contain a virus that infects the computers of Ukrainians.
The government emergency response team of Ukraine CERT-UA revealed the distribution of fake letters on behalf of the state authorities of Ukraine allegedly with instructions to increase the level of information security. This was reported by the State Special Communications Service.
It is noted that the body of the letter contains a link to the site hxxps: // forkscenter [.] Fr /, from which it is proposed to download “critical updates” in the form of a file BitdefenderWindowsUpdatePackage.exe, the size of which is about 60 MB. This file runs the alt.exe loader, which installs a number of files.
Research has shown that running one of the files, one.exe, destroys your computer with the malicious program Cobalt Strike Beacon.
“If you have received or opened this letter, please notify cert@cert.gov.ua,” the statement said.
Earlier there was fake information that Kharkiv National University named after VN Karazina restores distance learning. The university also noted that there were several anonymous groups that associated themselves with the university and distorted the facts.
Watch the special topic: Kherson kidnapped European Solidarity faction The occupiers captured and tortured a world-famous athlete, world-class instructor, district council deputy and head of the EU faction Dmitry Afanasyev. About 60% of Russian missile launches in Ukraine fail – Reuters Since the invasion, Russia has launched more than 1,100 missiles. But how many of them hit targets is unknown. The military of the Russian Federation is beginning to move to the side of Ukraine – the reconnaissance company of Russian servicemen has moved to the side of Ukraine. Japan has expanded sanctions against Russia, including 25 people and 81 companies. Bankers Igor Shuvalov and Nikolai Shamalov have been restricted. In Berdyansk, the landing ship “Saratov” was destroyed, not “Orsk” – the General Staff of the APU Earlier published information about the destruction of the landing ship “Orsk” was not confirmed.