Cybercriminals mail out chemical attack warning phishing letters

07.05.2022 14:18

Ukrinform

Hackers are massively sending new emails allegedly warning recipients about an impending chemical attack. These letters contain malware stealing users’ data

That’s according to the State Service for Special Communications and Information Protection of Ukraine, Ukrinform reports.

The CERT-UA (Computer Emergency Response Team of Ukraine), operating under the State Special Communications Service, has revealed the fact of mass distribution of e-mails signed "chemical attack".

The emails contain a link to an XLS document with a macro that launches the JesterStealer malware damaging computers.

The CERT-UA explained that the files are downloaded from compromised web resources.

JesterStealer acquires authentication and other data from Internet browsers, MAIL/FTP/VPN clients, cryptocurrency wallets, password managers, messengers, game programs, etc.

The stolen data is then transmitted back to the attackers via Telegram. The malware self-deletes as soon as the malign operation is completed.

As reported by Ukrinform, the State Special Service said that the Russian invaders have been attempting to gain access to personal data and state registers through private computers and mobile phones.