The Computer Emergency Response Team of Ukraine (CERT-UA) has uncovered a recent phishing campaign in which the agency itself was impersonated to spread a remote administration tool known as AGEWHEEZE.
The campaign, carried out by threat actors tracked as UAC-0255, involved sending emails on March 26 and 27, 2026, that appeared to be from CERT-UA, with the goal of tricking recipients into downloading a password-protected ZIP archive containing the malware.
This sophisticated attack highlights the increasing use of social engineering tactics by cybercriminals to gain access to sensitive information and systems. Impersonating CERT-UA makes the lure more credible, as it may have led some recipients to let their guard down.
The AGEWHEEZE malware, once installed, can provide unauthorized access to a victim’s system, allowing attackers to steal sensitive data, install additional malware, or use the system for other malicious purposes. The campaign’s scope is significant, with approximately 1 million emails affected, underscoring the need for heightened vigilance and robust cybersecurity measures.
To protect against such threats, it’s essential for individuals and organizations to be cautious when receiving emails, especially those with attachments or links, and to verify the authenticity of the sender before taking any action. Keeping software up to date and using antivirus programs can also help detect and prevent malware infections.
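One way to automate the sender check for a lure like the one described above, as an added example that is not code from CERT-UA or the original article: it flags mail that uses the CERT-UA name from an unexpected domain, lacks a DMARC pass, or carries an encrypted ZIP attachment. The trusted domain, the sample addresses, the finding names and the helper names are assumptions, and the sample message is constructed.

```python
import io, re, zipfile
from email import message_from_bytes, policy
from email.message import EmailMessage
from email.utils import parseaddr

TRUSTED_DOMAIN = "cert.gov.ua"  # assumption: domain you expect genuine CERT-UA mail from
BRAND = re.compile(r"cert-ua", re.I)

def zip_is_encrypted(data: bytes) -> bool:
    """True if any member has the ZIP 'encrypted' general-purpose flag (bit 0) set."""
    try:
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return any(info.flag_bits & 0x1 for info in zf.infolist())
    except zipfile.BadZipFile:
        return False

def triage(raw: bytes) -> list:
    """Return a list of findings for one raw RFC 5322 message."""
    msg = message_from_bytes(raw, policy=policy.default)
    display, addr = parseaddr(str(msg.get("From", "")))
    domain = addr.rpartition("@")[2].lower()
    # Only trust the Authentication-Results header stamped by your own MTA
    # (assumed here to be the topmost one, with forged copies stripped on receipt).
    auth = str(msg.get("Authentication-Results", "")).lower()
    aligned = domain == TRUSTED_DOMAIN or domain.endswith("." + TRUSTED_DOMAIN)
    findings = []
    if BRAND.search(display) and not aligned:
        findings.append("brand-name-from-unexpected-domain")
    if "dmarc=pass" not in auth:  # simplified substring check on the result token
        findings.append("dmarc-not-pass")
    for part in msg.iter_attachments():
        if zip_is_encrypted(part.get_payload(decode=True) or b""):
            findings.append("encrypted-zip:" + str(part.get_filename()))
    return findings

def build_sample(sender="CERT-UA <alerts@mail.example>", dmarc="fail", attach=True) -> bytes:
    """Constructed message; the ZIP is harmless, with its flag bit patched to 'encrypted'."""
    m = EmailMessage()
    m["From"], m["To"], m["Subject"] = sender, "user@example.org", "Security update"
    m["Authentication-Results"] = f"mx.example.org; dmarc={dmarc}"
    m.set_content("See attachment.")
    if attach:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as zf:
            zf.writestr("readme.txt", "constructed sample")
        data = bytearray(buf.getvalue())
        data[data.find(b"PK\x01\x02") + 8] |= 0x01  # central-directory flags, bit 0
        m.add_attachment(bytes(data), maintype="application", subtype="zip", filename="update.zip")
    return m.as_bytes()
```

Calling `triage(build_sample())` returns all three findings for the constructed lure. An encrypted archive is a useful signal on its own because gateway scanners cannot inspect its contents.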
