The Ukrainian military agency unveiled a battlefield situational awareness tool notified the national cybersecurity response team of a phishing campaign whose operators intend to steal files and siphon internet browser data.
The Ukrainian Computer Emergency Response Team said the campaign targeted users of the situational awareness tool, which the Center for Innovations and Development of Defense Technologies within the Ministry of Defense dubbed Delta at its October public unveiling. Delta is a digital map accessible on multiple devices including a smartphone. The center notified CERT-UA about the campaign on Dec. 17, leading to Sunday’s warning from CERT-UA.
The phishing hook, which came from a compromised Ministry of Defense email address, told recipients they must update Delta certificates in order to maintain access.
The phishing email included a PDF attachment supposedly containing further instructions, including an embedded link that, when clicked, led to a phishing website mimicking the legitimate Delta logon website but in actuality belonging to the delta-storages.com domain. Data kept by the Internet Corporation for Assigned Names and Numbers show an unknown party registered the domain on Dec. 15.
