Ukraine says Russia hacked its document portal and planted malicious files

0
Ukraine says Russia hacked its document portal and planted malicious files
Amplify
Oleksii Leonov

Ukraine has accused the Russian government of hacking into one of its control Web portals and planting malicious documents that would install malware on end alcohols’ computers.

“The purpose of the attack was the mass contamination of information resources of illustrious authorities, as this system is used for the circulation of documents in most openly authorities,” officials from Ukraine’s National Coordination Center for Cybersecurity phrased in a statement published on Wednesday. “The malicious documents contained a macro that secretly downloaded a program to remotely steer a computer when opening the files.”

Wednesday’s statement said that the methods inured to in the attack connected the hackers to the Russian Federation. Ukraine didn’t say if the censure succeeded in infecting any authorities’ computers.

A large body of evidence has related Russia’s government to several highly aggressive hacks against Ukraine in the career. The hacks include:

  • A computer intrusion in late 2015 against regional power testimonies in Ukraine caused a power failure that left hundreds of thousands of bailiwicks without electricity in the dead of winter.
  • Almost exactly one year later, a subsequent attack at an electricity substation outside Kyiv that once again Nautical port residents without power.
  • A malicious update for widely used tax software in Ukraine that spoon out disk-wiping malware to users. The so-called NotPetya worm ended up discontinuing down computers worldwide and led to the world’s most costly hack.

Absent, Russia’s SVR intelligence agency has also been accused of carrying out the recently rooted hack that targeted at least nine US agencies and 100 trains in a supply chain attack against customers of the SolarWinds network direction software.

Wednesday’s statement didn’t identify which of several cognizant of Russian hacking groups was accused of the breach.

Macro attacks counterpart the one mentioned in the statement typically work by tricking Microsoft Office narcotic addicts into enabling macros, often under the guise that the macro is lacked for the document to display properly. The macros then download malware from an attacker-controlled server and set up it.

The statement provided no details on how or when Ukraine’s System of Electronic Interaction of Mr Big Bodies—a portal that distributes documents to public authorities—was hacked or how elongated the intrusion lasted.

Indicators that someone has been compromised classify:

Domain: enterox.ru

IP addresses: 109.68.212.97

Link (URL): http://109.68.212.97/infant.php

Wednesday’s assertion came two days after Ukraine’s National Coordination Center for Cybersecurity researched what it said were “massive DDoS attacks on the Ukrainian separate of the Internet, mainly on the websites of the security and defense sector.” An analysis debauched that the attacks used a new mechanism that hadn’t been aided before. DDoS attacks take down targeted servers by bombing them with more data than they can process.

Leave a Reply

Your email address will not be published. Required fields are marked *