According to the State Special Communications Service, cybercriminals are sending Ukrainian military personnel emails with fake information about the latest weapons. The emails are accompanied by a file containing a RARSFX archive, which contains an EXE installer with the SPECTR malware. This virus collects confidential information, including passwords. In addition, hackers carry out attacks through the Signal messenger, where they send shortcut files that infect devices and allow remote access to the victims' data.

The Center for Strategic Communications and Information Security notes that this cyber group was created before Russia's full-scale invasion of Ukraine and consists of collaborators and former employees of Ukrainian law enforcement agencies.

The purpose of such cyber attacks is to undermine the ability of the Armed Forces of Ukraine to effectively defend the country and destabilize the situation at the front by breaking information systems. By collecting confidential data, including passwords and other important information, hackers can gain access to military plans, unit locations and other critical information, which can jeopardize both military operations and the lives of Ukrainian servicemen. In addition, Russia actively uses cyber attacks for information warfare to discredit Ukraine's defense capabilities in the eyes of the international community, presenting these breaks as weaknesses in the protection of critical infrastructure.