Викриття Russian hackers are sending out dangerous emails with the subject line "About a revenge action in Kherson!".
As reported by the government response team to computer emergency events in Ukraine CERT-UA, a grouping associated with the Russian Federal Security Service UAC-0010 (Armageddon ) carries out a new cyber attack As stated in the message, the hackers are sending dangerous emails with the theme "About the action of revenge in Kherson!", which contain attachments in the form of a file "Plan Kherson.htm".
If a person opens the file, a new file is created on the victim's computer - "Herson.rar" with the shortcut "Plan of approach and laying explosives on critical infrastructure facilities in Kherson.lnk". And as an end result, the GammaLoad.PS1v2 malware is downloaded. The UAC-0010 (Armageddon) hacker group is among those that have been actively attacking our country's critical information infrastructure since the beginning of Russia's full-scale military invasion of Ukraine. During cyber attacks, hackers use topics that are painful for Ukrainians. There have also been cases of cyber attacks by this group against EU countries," the State Security Service reported.