Using Remcos, a well-known surveillance tool, a hacker organisation that has been targeting government entities in Ukraine for some time has begun a fresh assault against them. Hackers may misuse the advanced remote access software, which is sold as a genuine administrative tool, to take complete control of a compromised machine.
Computer emergency response team (CERT-UA) investigation indicates that in a recent campaign, hackers sent phishing letters to their targets, posing as requests from Ukraine’s security service (SBU). The hackers requested specific information from the victims via email, stating that it was necessary for “national security.” The malicious letter threatened to hold recipients accountable if they failed to supply information within the allotted time.