A recently uncovered phishing campaign has been making headlines: threat actors impersonated the Computer Emergency Response Team of Ukraine (CERT-UA) to spread a remote administration tool known as AGEWHEEZE in an estimated 1 million emails.

The campaign, which was carried out by threat actors tracked as UAC-0255, involved sending emails on March 26 and 27, 2026, posing as CERT-UA. These emails contained a password-protected ZIP archive that, when opened, would install the AGEWHEEZE malware on the victim’s system.

The use of social engineering tactics, such as impersonating a trusted cybersecurity agency like CERT-UA, is a common strategy employed by threat actors to gain the trust of their victims and increase the likelihood of a successful attack.

The AGEWHEEZE malware, once installed, can provide the attackers with remote access to the compromised system, allowing them to steal sensitive information, install additional malware, or use the system for other malicious purposes.

It is essential for individuals and organizations to be vigilant when receiving emails, even if they appear to be from a trusted source, and to take necessary precautions to prevent falling victim to such phishing campaigns.
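One mail-gateway check that fits the delivery method described above (a password-protected ZIP sent under CERT-UA's name), added here as an example and not taken from CERT-UA or the original article. It flags ZIP attachments whose entries have the encryption flag set, since a content scanner cannot inspect them, and notes when the sender's display name uses a brand while the address domain is outside an operator-supplied allow-list. The function names, the `agency.example` allow-list entry and the sample message are all hypothetical and constructed for illustration.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage

def encrypted_entries(data: bytes) -> list[str]:
    """Names of ZIP entries with general-purpose flag bit 0 (encrypted) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return [i.filename for i in zf.infolist() if i.flag_bits & 0x1]
    except zipfile.BadZipFile:
        return []

def triage(raw: bytes, brand: str, allowed_domains: set[str]) -> list[dict]:
    """Flag encrypted ZIP attachments; note when the display name uses
    `brand` but the sender domain is not in `allowed_domains`."""
    msg = message_from_bytes(raw, policy=policy.default)
    addrs = msg["From"].addresses if msg["From"] else ()
    sender = addrs[0] if addrs else None
    mismatch = bool(sender and brand.lower() in sender.display_name.lower()
                    and sender.domain.lower() not in allowed_domains)
    findings = []
    for part in msg.iter_attachments():
        payload = part.get_payload(decode=True) or b""
        if not payload.startswith(b"PK\x03\x04"):  # sniff magic, ignore file name
            continue
        locked = encrypted_entries(payload)
        if locked:
            findings.append({"attachment": part.get_filename(),
                             "encrypted_entries": locked,
                             "brand_mismatch": mismatch})
    return findings

def build_sample(encrypted: bool) -> bytes:
    """Constructed message with a harmless ZIP; optionally force the flag bit."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", "constructed sample, harmless text")
    z = bytearray(buf.getvalue())
    if encrypted:
        z[6] |= 1                           # local file header flags
        z[z.index(b"PK\x01\x02") + 8] |= 1  # central directory flags
    msg = EmailMessage()
    msg["From"] = "CERT-UA <notice@mail.example>"  # constructed sender
    msg["To"] = "user@corp.example"
    msg["Subject"] = "constructed sample"
    msg.set_content("constructed body")
    msg.add_attachment(bytes(z), maintype="application", subtype="zip",
                       filename="tool.zip")
    return msg.as_bytes()
```

A hit on both signals is a reason to quarantine the message for analyst review rather than proof of malice, since encrypted archives also have legitimate uses.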
