Threat Intel Flash: Sisense Data Compromise: ARC Labs Intelligence Flash

Get the Latest


Ukraine Links Phishing Targeting Armed Forces to Belarusian Hackers

The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a spear phishing campaign targeting the private email accounts of Ukrainian armed forces personnel. Once a victim has been compromised, the phishing emails are sent to contacts in the victim’s address book. The emails are coming from a domain attempting to impersonate a free internet portal that has provided an email service Ukrainians since 2008. CERT-UA has attributed the attack to a Belarusian threat group. The members of the Minsk-based group, UNC1151, are officers of the Ministry of Defense of the Republic of Belarus. CERT-UA published the following example of the malicious emails: “Dear user! Your contact information or not you are a spam bot. Please, click the link below and verify your contact information. Otherwise, your account will be irretrievably deleted. Thank you for your understanding.

Regards, I.UA Team”

Analyst Notes

These types of attacks are part of Russia’s hybrid warfare approach. The same tactics were seen during the annexation of Crimea in 2014. Russian forces leverage cyber-attacks to obtain information about opposing forces. Such information can be used to demoralize and interfere with an opposing force’s well-being while engaged in conflict. These attacks can also be used to cripple an opposing force’s communication systems and spawn disinformation campaigns.