The Computer Emergency Response Team of Ukraine (CERT-UA) has uncovered a recent phishing campaign in which the agency’s own identity was used to spread malware.

The campaign, attributed to the threat actors known as UAC-0255, involved sending emails on March 26 and 27, 2026, that impersonated CERT-UA, tricking recipients into downloading a password-protected ZIP archive containing the AGEWHEEZE remote administration tool.

AGEWHEEZE is a type of malware that allows attackers to gain unauthorized access to compromised systems, enabling them to steal sensitive information, install additional malware, or use the infected machines for other malicious purposes.

Impersonating CERT-UA may have made recipients more likely to trust the emails, thereby enhancing the campaign’s success rate.

The sheer scale of the campaign, with approximately 1 million emails targeted, underscores the severity of the threat and highlights the need for heightened vigilance against such phishing attempts.

As cybersecurity threats continue to evolve, it is essential for individuals and organizations to remain informed about the latest tactics and techniques used by threat actors, such as the use of legitimate agency names to distribute malware like AGEWHEEZE.
