The Computer Emergency Response Team of Ukraine (CERT-UA) has cautioned of new phishing attacks directed at Ukrainian citizens, which use hijacked email accounts belonging to three separate Indian businesses to infiltrate their inboxes and steal sensitive data.
The emails arrive with the subject line "" (meaning "Attention") and pretend to be from a domestic email service named Ukr.net, but the sender's email address is "muthuprakash.b@tvsrubber[.]com," according to the agency.
The messages allegedly alert recipients of an unauthorised attempt to log in to their accounts from an IP address based in Donetsk, Ukraine, and urge them to change their passwords immediately by clicking on a link.
CERT-UA noted in a Facebook post over the weekend, "After following the link and entering the password, it gets to the attackers. In this way, they gain access to the email inboxes of Ukrainian citizens."
The fact that TVS Rubber is an automotive company situated in the Indian city of Madurai suggests that the phishing emails were distributed through an already compromised email account.
In a further update, CERT-UA stated that it had discovered an additional 20 email addresses used in the attacks, some of which belonged to sysadmins and faculty members at the Ramaiah University of Applied Sciences, an academic institution in Bengaluru, India.
An email address from Hodek Vibration Technologies Pvt. Ltd., an India-based automotive company that designs and manufactures dampers for cars, light and heavy commercial vehicles, and other industrial equipment, is also featured in the list.
"All these mailboxes have been compromised and are being used by the Russian Federation's special services to carry out cyberattacks on Ukrainian citizens," the agency said.
The news comes as NATO states unanimously approved to admit Ukraine as a "Contributing Participant" to the Cooperative Cyber Defence Centre of Excellence (CCDCOE), as Russia's military invasion of the country entered its second week and cyber strikes poured down on government and commercial targets.
"Ukraine's presence in the Centre will enhance the exchange of cyber expertise, between Ukraine and CCDCOE member nations. Ukraine could bring valuable first-hand knowledge of several adversaries within the cyber domain to be used for research, exercises and training," Col Jaak Tarien, director of CCDCOE, said in a statement.