The Ukrainian government's CERT-UA cybersecurity team has published a warning about sending fake letters allegedly on behalf of the public bodies of Ukraine with a link to downloading malicious software under the guise of a package to increase the level of information security.

"CERT-UA, operating under the State Service for Special Communications and Information Protection, has detected the distribution of fake emails on behalf of the public bodies of Ukraine with instructions to increase the level of information security. The body of the letter contains a link to the website hxxps://forkscenter [.]fr/, from which it is proposed to download "critical updates" in the form of a file "BitdefenderWindowsUpdatePackage.exe" with a size of about 60MB," the team said in the Telegram channel.

CERT-UA said that this file launches the "alt.exe" loader, which installs a number of files. As part of the study, it was determined that running the downloaded "one.exe" file will lead to the Cobalt Strike Beacon malware infecting the computer.

The CERT-UA cybersecurity team asks everyone who received or opened this letter to immediately report it to [email protected].