Ukraine’s war miseries emerging from Russia seem to be never-ending as a compromised email account related to the country’s Ministry of Defense was caught sending phishing emails to users of the Delta Situational awareness program.
Ukraine’s Computer Emergency Response Team of Ukraine created DELTA in March this year, to issue an alert to military personnel about the movements of enemy forces. It also acts as an intelligence gathering unit.
Because of a compromised email account, the emails of users using the DELTA program were being targeted with malware inflicted email links. And when the user clicks on the malicious link, they are being prompted to a website where a payload gets downloaded that then collects information.
What’s astonishing about the malicious payload is that it is being circulated with a valid digital certificate that authenticates the security software on the OS that the application is authentic and is not harmful.
As the whole of this process takes place convincingly, the process seems to be legitimate and so doesn’t attract the attention of the user until a breach takes place.
So, it’s high time does the Zelensky and his team start focusing on their country’s national infrastructure as a Putin propelled cyberwarfare can bring them to knees anytime.