Hackers from Russia attacked Ukrainian government organizations

Author:
Julia Sheredeha
Date:

Hackers from Russia attacked state organizations of Ukraine using the malicious program Cobalt Strike Beacon, the State Special Communications Service reported.

The government team of cybersecurity specialists CERT-UA found the file "changes in payroll with accruals.docx", which was distributed among state organizations of Ukraine by e-mail.

The document contained a link to an HTML file with JavaScript code, which will run the PowerShell command, load the EXE file "ms-msdt.exe" and damage the computer with the malicious program Cobalt Strike Beacon.

Experts blocked the domain name and server and recommended paying attention to the "sdiagnhost.exe" process on work computers.