The enemy is attacking emails of members of the Ukrainian military at i.ua and meta.ua servers – State Special Communications Service of Ukraine
Friday, 25 February 2022, 3:10 p.m.
The State Service of Special Communications and Information Protection has issued a warning about mass phishing emails sent to addresses at Ukrainian servers i.ua and meta.ua. The report comes from the press team of the Service via Telegram.
"Private mailboxes of members of the Ukrainian military and people associated with them are targeted. After an account is compromised, all data are downloaded via IMAP. The enemy also uses the contact addresses for further emails. The campaign is carried out by the so-called UNC1151 group located in Minsk. It includes personnel from the Ministry of Defense of the Republic of Belarus," the statement reads.
Example of a phishing email:
"Dear user, your data have not been verified, so your mailbox will be locked for 2 days. To unlock your mailbox, we must make sure that you are not a spam bot. To do this, follow the link below and confirm your credentials. Otherwise, your mailbox will be permanently deleted. We hope for your understanding. Sincerely, i.ua team."
Earlier reports suggest that Ukrainians are receiving emails with files that can give the enemy access to data from their electronic devices.