Threat Management, Data Security, Risk Assessments/Management

Ukraine: Cyberattacks aiming for Telegram accounts

Ukraine's State Service of Special Communication and Information Protection has issued a warning regarding new cyberattacks from the UAC-0094 threat cluster that have been targeting Telegram accounts, The Hacker News reports. Attackers have been found to leverage Telegram messages warning recipients that their credentials have been used to log in from a new device in Russia while advising them to click an account confirmation link, which redirects to a phishing domain seeking for victims' phone numbers and one-time passwords to facilitate account takeovers. "The criminals sent messages with malicious links to the Telegram website in order to gain unauthorized access to the records, including the possibility to transfer a one-time code from SMS," said the SSSCIP of Ukraine. Similarities have been observed between the new campaign and a phishing attack last month that involved the use of various Indian organizations' compromised email accounts to hijack account users. The Telegram-targeted campaign also comes after Ukraine's Computer Emergency Response Team reported about Armageddon's use of war-related phishing lures to target the country's government agencies.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.