Ukrainian cybersecurity officials have warned that Belarusian state-sponsored hackers are targeting the private email addresses of Ukrainian military personnel.
Announcing the activity in a Facebook post, Ukraine’s Computer Emergency Response Team (CERT-UA) said that a mass phishing campaign is targeting the private i.ua and meta.ua accounts belonging to Ukrainian military personnel.
“After the account is compromised, the attackers, by the IMAP protocol, get access to all the messages,” it added. “Later, the attackers use contact details from the victim’s address book to send the phishing emails.”
CERT-UA has attributed the ongoing campaign to the UNC1151 threat group, which Mandiant formally linked to the Belarusian government in November 2021. Mandiant also linked the state-backed cyber-espionage group to the Ghostwriter disinformation campaign, which has been involved in spreading anti-NATO rhetoric and hack-and-leak operations throug …
