The CERT-UA government's cybersecurity team of Ukraine, operating under the State Special Communications Service, warns of sending emails with attachments containing malicious programs; this time the cyber attackers are using the COVID-19 theme.

As reported on the CERT-UA website on Tuesday, these emails contain attachments in the form of an XLS document Aid request COVID-19-04_5_22.xls. After its opening, GraphSteel and GrimPlant malware will be downloaded, and cyber attackers will gain access to basic information about the attacked computer.

At the same time, emails are sent from a compromised account of an employee of the government body of Ukraine.

According to CERT-UA, the activity is associated with the activity of group UAC-0056. The same group was involved in several cyberattacks in March. Then the attackers parasitized on the topics of increasing the level of information security among Ukrainians and wage arrears.