Cybercriminals mail out chemical attack warning phishing letters

Hackers are massively sending new emails allegedly warning recipients about an impending chemical attack. These letters contain malware stealing users’ data

That’s according to the State Service for Special Communications and Information Protection of Ukraine, Ukrinform reports.

The CERT-UA (Computer Emergency Response Team of Ukraine), operating under the State Special Communications Service, has revealed the fact of mass distribution of e-mails signed "chemical attack".

The emails contain a link to an XLS document with a macro that launches the JesterStealer malware damaging computers.

Read also: Phones, computers of Ukrainians targeted by Russian hackers

The CERT-UA explained that the files are downloaded from compromised web resources.

JesterStealer acquires authentication and other data from Internet browsers, MAIL/FTP/VPN clients, cryptocurrency wallets, password managers, messengers, game programs, etc.

The stolen data is then transmitted back to the attackers via Telegram. The malware self-deletes as soon as the malign operation is completed.

As reported by Ukrinform, the State Special Service said that the Russian invaders have been attempting to gain access to personal data and state registers through private computers and mobile phones.