The Computer Emergency Response Team of Ukraine (CERT-UA) has uncovered a recent phishing campaign that exploited the agency's own identity to spread a remote administration tool known as AGEWHEEZE.

The campaign, attributed to threat actors tracked as UAC-0255, involved sending emails on March 26 and 27, 2026, while masquerading as CERT-UA. These emails contained a password-protected ZIP archive designed to deceive recipients into downloading the malicious software.

The use of social engineering tactics, such as impersonating a trusted cybersecurity agency, highlights the evolving nature of phishing attacks and the need for vigilance among email users. The AGEWHEEZE malware, once installed, can provide attackers with remote access to compromised systems, potentially leading to further malicious activities.

The disclosure of this campaign by CERT-UA serves as a reminder of the importance of verifying the authenticity of emails, especially those that prompt actions such as downloading attachments or clicking on links. As cybersecurity threats continue to escalate, staying informed about the latest tactics used by threat actors is crucial for both individuals and organizations to protect themselves against such attacks.
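A mail-triage check for the two traits described above, a sender display name that claims CERT-UA and a password-protected ZIP attachment, written as an added example and not code from CERT-UA or the original article. The addresses, the `agency.example` trusted domain and the sample message are constructed placeholders.

```python
import io
import zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

def encrypted_zip_attachments(msg):
    """Return names of ZIP attachments holding at least one encrypted member."""
    hits = []
    for part in msg.iter_attachments():
        data = part.get_payload(decode=True) or b""
        if not data.startswith(b"PK"):
            continue
        try:
            with zipfile.ZipFile(io.BytesIO(data)) as zf:
                # Bit 0 of the general-purpose flags marks an encrypted member.
                if any(i.flag_bits & 0x1 for i in zf.infolist()):
                    hits.append(part.get_filename())
        except zipfile.BadZipFile:
            continue
    return hits

def triage(raw, claimed_name, trusted_domain):
    """Flag a claimed sender name arriving from a domain other than the trusted one."""
    msg = message_from_bytes(raw, policy=policy.default)
    display, addr = parseaddr(str(msg["From"]))
    domain = addr.rpartition("@")[2].lower()
    mismatch = claimed_name.lower() in display.lower() and domain != trusted_domain
    return {"name_domain_mismatch": mismatch,
            "encrypted_zips": encrypted_zip_attachments(msg)}

def build_sample():
    """Constructed message: display name claims CERT-UA, ZIP is flagged encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("readme.txt", b"constructed placeholder")
    z = bytearray(buf.getvalue())
    z[6] |= 1                           # local file header, flag bit 0
    z[z.index(b"PK\x01\x02") + 8] |= 1  # central directory entry, flag bit 0
    m = EmailMessage()
    m["From"] = "CERT-UA <alerts@mail.example>"  # constructed address
    m["To"] = "user@corp.example"
    m["Subject"] = "constructed sample"
    m.set_content("Archive password: (constructed)")
    m.add_attachment(bytes(z), maintype="application", subtype="zip",
                     filename="update.zip")
    return m.as_bytes()

if __name__ == "__main__":
    print(triage(build_sample(), "CERT-UA", "agency.example"))
```

Replace `agency.example` with the domain your organization has verified for the agency. Content scanners cannot inspect an encrypted archive, so a hit on both fields is a reason to quarantine the message for manual review.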
