Threat operation UAC-0245 was noted by Ukraine's Computer Emergency Response Team to have deployed cyberattacks involving the new CABINETRAT malware against organizations across the country, The Hacker News reports.Attackers have leveraged the Signal messaging app to distribute ZIP archives with Microsoft Excel add-in files, or XLLs, purportedly regarding individuals who had been detained for crossing the Ukrainian border, according to CERT-UA. Multiple executables are then created by the XLL file, which eventually parses and extracts the C-based CABINETRAT backdoor.Aside from facilitating system information collection, screenshot capturing, and directory content enumeration, CABINETRAT also enables command execution and file uploads or downloads, as well as file or directory deletion.Such a development comes after Ukraine was found by Fortinet FortiGuard Labs researchers to have been subjected to a fileless phishing campaign involving the spoofing of the country's National Police to deliver the Amatera Stealer and PureMiner payloads.
Get daily email updates
SC Media's daily must-read of the most current and pressing daily news
Related Terms
AdwareYou can skip this ad in 5 seconds