Hackers are attacking the military and government agencies using fake court summonses

Hackers have launched a new wave of cyberattacks against government agencies, units of the Defense Forces, and enterprises of the defense-industrial complex in the form of phishing emails disguised as court summonses. This was reported by... reports State Service for Special Communication and Information Protection.

According to the agency, the fake emails contain links to a legitimate file-sharing service. Clicking on the link initiates the download of a ZIP archive containing malware.

"The attackers are using a multi-stage attack chain aimed at stealing data and gaining remote control over systems," the service warned.

The attacks are being carried out by the UAC-0099 group, which has significantly updated its toolkit and started using new malicious programs Matchboil, Matchwok, and Dragstare.

"This indicates an evolution of the group's tactics, techniques, and procedures," the State Special Communications Service said.

The agency urged all institutions and enterprises to strengthen control over incoming correspondence, train employees to identify phishing emails, and be cautious about emails with links to download archives.

• May 5th, State Special Communication Service published an analysis of hacking attacks for the second half of 2024. The report, prepared by the CERT-UA team, states that the energy sector remains a priority target for Russian hackers, who are changing their tactics in favor of long-term operations.