Ukraine has cautioned heightened cyberattacks directly toward its military institutions, particularly the branches that work with developing new technology for the military.

The attacks were often carried out via infected Excel attachments disguised as official documents, according to a Monday Facebook update by the State Service for Special Communications and Information Protection of Ukraine.

JOIN US ON TELEGRAM

Follow our coverage of the war on the @Kyivpost_official.

The institution, citing findings by the Computer Emergency Response Team of Ukraine (CERT-UA), said it has recorded increasing attempts “against Ukrainian institutions involved in the development of innovations in the military sector since the beginning of February 2025.”

“The attacks are carried out by distributing emails with Excel documents. The file names and email subjects mention topical and sensitive issues – demining, administrative fines, [unmanned aerial vehicle] UAV production, compensation for destroyed property, etc,” the update says.

Advertisement

CERT-UA detailed the form of attack in its Sunday press release, where it said the malicious code  aimed to “[provide] access to databases of Internet browsers” are embedded inside the cells, where they are then extracted to malignant parties via Telegram.

“As of April 2025, two types of software tools for implementing the cyber threat are known. The first is a .NET program, the resources of which contain a PowerShell script, which is functionally a reverse-shell borrowed from the public GitHub repository PSSW100AVB,” the press release states.

President of Georgia on Protests, Security in the Black Sea Region, and the Country’s Prospects
Other Topics of Interest

President of Georgia on Protests, Security in the Black Sea Region, and the Country’s Prospects

In an interview with Kyiv Post, Salome Zourabichvili – still recognized as president of Georgia by the EU and Ukraine, notwithstanding claims that she lost the fraudulent 2024 elections – discusses the importance of Georgia for security in the Black Sea region and the significance of the protests in Tbilisi against the pro-Russian government. She also addresses the plight of imprisoned former Georgian President Mikheil Saakashvili.

“The second, classified as GIFTEDCROOK, is a C/C++ stealer program that, among other things, provides access to databases of Internet browsers Chrome, Edge, Firefox (Cookies, history, saved authentication data), their archiving using the PowerShell cmdlet Compress-Archive, and subsequent exfiltration to Telegram,” it adds.

While the State Service for Special Communications and Information Protection of Ukraine said the cyberattacks targeted various military and law enforcement bodies – especially those on the east close to the front line – it did not name Russia as the culprit.

Advertisement

“Cybercriminals are also targeting military formations, law enforcement agencies, and local governments, particularly those located near Ukraine’s eastern border,” the update adds.

Russia’s invasion of Ukraine has seen widespread cyberattacks by both sides, sometimes with real-world consequences when infrastructure is targeted and rendered inoperational.

 

To suggest a correction or clarification, write to us here
You can also highlight the text and press Ctrl + Enter
Kyiv Post
Kyiv Post

Kyiv Post is Ukraine’s first and oldest English news organization since 1995. Its international market reach of 97% outside of Ukraine makes it truly Ukraine’s Global – and most reliable – Voice.

POPULAR

Ukraine Deploys Hundreds of Decoy Drones to Saturation-Bomb Russian Targets

By Kyiv Post
May 31, 2026

Ukrainian Ballistic Missile Test Flights ‘Toward Moscow’ May Begin This Summer – Fire Point

By Kyiv Post
June 4, 2026

Ex-Russian Spy Warns Moscow Will Be ‘At War For Decades’ And Predicts New Global Clashes

By Kyiv Post
June 4, 2026

Deep Into Russia: Ukraine Damages Navy Ships in Kronstadt Port Near St. Petersburg

By Julia Struck-Feshchenko
June 3, 2026
More on Cyberattack
Russia Warns Smart Cameras Could Expose Leaders’ Locations US

Russia Warns Smart Cameras Could Expose Leaders’ Locations

By Kyiv Post
May 26, 2026
Dutch Intelligence: Russia Preparing for Long‑Term Confrontation Ukraine

Dutch Intelligence: Russia Preparing for Long‑Term Confrontation

By Veronika Sukhanych
April 23, 2026
Fraudsters Impersonate Budanov in Fake Emails Claiming to Be From Presidential Office Cyberattack

Fraudsters Impersonate Budanov in Fake Emails Claiming to Be From Presidential Office

By Yuliia Zavadska
April 20, 2026
SBU, FBI Disrupt Russian GRU Cyber Operation Carried Out via Hacked Routers Europe

SBU, FBI Disrupt Russian GRU Cyber Operation Carried Out via Hacked Routers

By Yuliia Zavadska
April 8, 2026
Read Next
Tsikhanouskaya Adviser on Fighting the Belarusian Regime, Lukashenko’s Preparations for War Against NATO EXCLUSIVE War in Ukraine

Tsikhanouskaya Adviser on Fighting the Belarusian Regime, Lukashenko’s Preparations for War Against NATO

By Sergii Kostezh
11h ago
Russia’s Growing Desertion Crisis Starting to Resemble WWI – Yerevan-Based Activist INTERVIEW War in Ukraine

Russia’s Growing Desertion Crisis Starting to Resemble WWI – Yerevan-Based Activist

By Lesia Dubenko
12h ago
President of Georgia on Protests, Security in the Black Sea Region, and the Country’s Prospects EXCLUSIVE War in Ukraine

President of Georgia on Protests, Security in the Black Sea Region, and the Country’s Prospects

By Bohdan Nahaylo
13h ago
‘Tysyachovesna’ Cultural Fund Gathers Over 1,100 Grant Applications – Zelensky Ukraine

‘Tysyachovesna’ Cultural Fund Gathers Over 1,100 Grant Applications – Zelensky

By Kyiv Post
13h ago
« Previous Moscow Allegedly Hid Parcel Bombs Among Sex Toys – Investigator
Next » ICU Weekly Insight: Ukraine GDP slows dramatically