"CERT-UA detected the distribution of malicious DOC files exploiting the flaw, themed around EU COREPER consultations in Ukraine, just three days after Microsoft's alert.

In other cases, the emails impersonated the Ukrainian Hydrometeorological Center and were sent to over 60 government-related addresses.

However, the agency says that the metadata associated with the document shows that it was created one day after the emergency update.

The Ukrainian CERT attributed these attacks to APT28, a nation-state threat actor also known as Fancy Bear and Sofacy and associated with Russia's General Staff Main Intelligence Directorate (GRU)."

tech

"CERT-UA detected the distribution of malicious DOC files exploiting the flaw, themed around EU COREPER consultations in Ukraine, just three days after Microsoft's alert.

In other cases, the emails impersonated the Ukrainian Hydrometeorological Center and were sent to over 60 government-related addresses.

However, the agency says that the metadata associated with the document shows that it was created one day after the emergency update.

The Ukrainian CERT attributed these attacks to APT28, a nation-state threat actor also known as Fancy Bear and Sofacy and associated with Russia's General Staff Main Intelligence Directorate (GRU)."