Ukraine's State Service of Special Communication and Information Protection has issued a warning regarding new cyberattacks from the UAC-0094 threat cluster that have been targeting Telegram accounts, The Hacker News reports.
Attackers have been found to leverage Telegram messages warning recipients that their credentials have been used to log in from a new device in Russia while advising them to click an account confirmation link, which redirects to a phishing domain seeking for victims' phone numbers and one-time passwords to facilitate account takeovers.
"The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," said the SSSCIP of Ukraine.
Similarities have been observed between the new campaign and a phishing attack last month that involved the use of various Indian organizations' compromised email accounts to hijack Ukr.net account users.
The Telegram-targeted campaign also comes after Ukraine's Computer Emergency Response Team reported about Armageddon's use of war-related phishing lures to target the country's government agencies.
SiliconAngle reports that mounting security alert fatigue has prompted Torq to introduce its new HyperSOC system based on its Hyperautomation Platform using artificial intelligence to enable security operation center response automation, management, and monitoring in a bid to bolster the investigation and remediation of cybersecurity threats.
Moldovan botnet operator Alexander Lefterov, also known as Alipatime, Alipako, and Uptime, has been indicted by the U.S. Department of Justice for his involvement in widespread attacks against U.S.-based computers, BleepingComputer reports.