CERT-UA reports attackers send emails to govt agencies allegedly from their team and State Special Communications Service

The tate Cyber Protection Center's Computer Emergency Response Team of Ukraine (CERT-UA), operating under the State Service for Special Communications and Defense, has detected a phishing campaign involving emails claiming to be an unprecedented cyber attack on government information systems using the DEAFTICKv2 malware, along with a demand to conduct a subsequent workstation inspection according to relevant instructions.

"The lawbreakers are sending emails purporting to be from CERT-UA and the State Special Communications Service with the subject line 'URGENT! CERT-UA Order No. 102/5-4092-IS dated May 26, 2026. Threat UAC-0252. Mandatory compliance,'" the State Special Communications Service said in a press release on Tuesday.

The agency noted that this attack was aimed at government officials, military personnel, and workers at critical infrastructure facilities.

"В случае получения таких писем не переходите по ссылкам, не загружайте вложения, не открывайте и не запускайте файлы", – добавили в Госспецсвязи.

"If you receive such emails, do not click on links, download attachments, or open or run files," the State Special Communications Service added.