Hackers from Russia attacked state organizations of Ukraine using the malicious program Cobalt Strike Beacon, the State Special Communications Service reported.
The government team of cybersecurity specialists CERT-UA found the file "changes in payroll with accruals.docx", which was distributed among state organizations of Ukraine by e-mail.
The document contained a link to an HTML file with JavaScript code, which will run the PowerShell command, load the EXE file "ms-msdt.exe" and damage the computer with the malicious program Cobalt Strike Beacon.
Experts blocked the domain name and server and recommended paying attention to the "sdiagnhost.exe" process on work computers.