The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of new phishing attempts directed at Ukrainian individuals, which use hijacked email accounts belonging to three separate Indian businesses to infiltrate their inboxes and steal sensitive data. The agency alerted that the emails come with the subject line “Увага” (meaning “Attention”) and pretend to be from a domestic email service named Ukr.net, but the sender’s email address is “muthuprakash.b@tvsrubber[.]com.”
The emails ostensibly alert recipients of an illegal attempt to log in to their accounts from an IP address situated in Donetsk, Ukraine, and urge them to change their passwords immediately by clicking on a link. “After following the link and entering the password, it gets to the attackers,” CERT-UA noted in a Facebook post over the weekend. “In this way, they gain access to the email inboxes of Ukrainian citizens.”
The fact that TVS Rubber is an automobile firm situated in the Indian city of Madurai suggests that the phishing emails were distributed through an already hacked email account. In a second update, CERT-UA stated that it discovered an additional 20 email addresses used in the cyberattacks. Some of them belong to sysadmins and faculty members at the Ramaiah University of Applied Sciences, an academic institution in Bengaluru, India.
An email address from Hodek Vibration Technologies Pvt. Ltd., an India-based automotive firm that designs and produces dampers for automobiles, light and large commercial vehicles, is also featured in the list. The agency disclosed that these emails had been hacked and exploited by Russian Federation special services to carry out cyberattacks against Ukrainian residents.
The news comes as NATO states overwhelmingly approved to accept Ukraine as a “Contributing Participant” to the Cooperative Cyber Defence Centre of Excellence (CCDCOE), as Russia’s military invasion of the country entered its second week, and cyber strikes poured on commercial and government targets. According to Col Jaak Tarien, Head of CCDCOE, the inclusion of Ukraine in the Centre will facilitate the sharing of cyber knowledge between Ukraine and CCDCOE member countries. Ukraine might contribute significant first-hand expertise of various opponents in the cyber realm for research, exercises, and training.