The Computer Emergency Response Team of Ukraine (CERT-UA) warned of a spear phishing campaign targeting the private email accounts of Ukrainian armed forces personnel. Once a victim has been compromised, the phishing emails are sent to contacts in the victim’s address book. The emails are coming from a domain attempting to impersonate a free internet portal that has provided an email service Ukrainians since 2008. CERT-UA has attributed the attack to a Belarusian threat group. The members of the Minsk-based group, UNC1151, are officers of the Ministry of Defense of the Republic of Belarus. CERT-UA published the following example of the malicious emails: “Dear user! Your contact information or not you are a spam bot. Please, click the link below and verify your contact information. Otherwise, your account will be irretrievably deleted. Thank you for your understanding.
Regards, I.UA Team”