BleepingComputer reports that Ukrainian government agencies were reported by the country's Computer Emergency Response Team to have had more than 100 computers compromised with the AnonVNC malware as part of a new phishing attack campaign spoofing the Security Service of Ukraine last month.
Attacks commenced with the delivery of malicious emails purportedly from the SSU that sought the submission of certain required documents and included hyperlinks to a Documents.zip archive, which when clicked would trigger an MSI file that would facilitate malware installation, reported CERT-UA, which also noted stealthy tracking of the impacted devices by the UAC-0198 threat operation. "Note that related cyber attacks have been carried out since at least July 2024 and may have a broader geography," CERT-UA added. Such a development comes weeks after more than 600 Ukrainian apartment buildings were reported by Dragos to have had their power disrupted by an attack with the Russia-linked FrostyGoop malware in January.