This is reported by Ukrinform with reference to the press service of the State Special Communications in Telegram.

It is stated that this type of activity is associated with the hacker group UAC-0010 (Armageddon).

As the chapter warns, if you click on the link from the letter, a RAR archive will be created on your computer containing a shortcut file called “TDI tools with TDI tools” (for example, “08.11.2022.rar”). Expert opinion on compliance with technical information protection.lnk requirements”. Opening it will lead to the download of malicious programs, including data stealers.

It is emphasized that e-mails are sent using the @mail.gov.ua service. In other words, criminals even more carefully disguise themselves as representatives of state bodies.

Hacker group UAC-0010 (Armageddon) is associated with Russia’s FSB. Since the beginning of the full-scale military invasion of Russia, they enter the list of the most active groups attacking our country.

As reported, at the end of October malicious emails were sent on behalf of a number of structures of the security and defense sector – the press service of the General Staff of the Armed Forces of Ukraine and the Ukrainian Security Service. It is possible that such a “cover” will be used by hackers in the future.