image credit: Pixabay

APT28 Targets Ukrainian Government Entities with Fake “Windows Update” Emails

May 1, 2023

The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of cyber attacks perpetrated by Russian nation-state hackers targeting various government bodies in the country.

The agency attributed the phishing campaign to APT28, which is also known by the names Fancy Bear, Forest Blizzard, FROZENLAKE, Iron Twilight, Sednit, and Sofacy.

The email messages come with the subject line “Windows Update” and purportedly contain instructions in the Ukrainian language to run a PowerShell command under the pretext of security updates.

Read More on The Hacker News