InfoSecBulletin Cybersecurity for mankind
Attackers are pretending to be Ukraine’s Computer Emergency Response Team (CERT-UA) using AnyDesk to access target computers.
“Unidentified individuals are sending connection requests via AnyDesk under the pretext of conducting a ‘security audit to verify the level of protection,’ using the name ‘CERT.UA,’ the CERT-UA logo, and the AnyDesk ID “1518341498” (which may vary),” CERT-UA explained on Friday.
India’s Tata Electronics hit by cyber breach: Hacker target 630 GB record
Anthropic’s Mythos reportedly broke NSA classified systems in hours
OpenAI New Method “Deployment Simulation” Predicts AI Risks Before Deployment
AryStinger botnet infected thousands of D-Link routers globally
Hacker suspected of sending alerts across Brazil
CyberSentinel AI features 33 security tools like Nmap, SQLMap, and ZAP, utilizing Claude and GPT
Barracuda hosts Dhaka roundtable on cyber resilience
CISA Alerts Fortinet Users as FortiBleed Affects 86,644 FortiGate Devices
CISA: Splunk flaw under active exploit, patch by Sunday
Texas data breach exposes 3 million driver’s licenses
The requests appear to be haphazardly sent, with the attackers relying on users to accept them without skepticism: “It is evident that attackers are once again resorting to social engineering methods based on trust and the use of authority.”
To send a connection request, the attacker must know the target’s AnyDesk ID and the remote access software must be operational on their device.
They think the attackers may have obtained the targets’ AnyDesk IDs by compromising other computers where remote access was previously allowed.
AnyDesk and other remote access tools are often leveraged by a variety of attackers to gain access to target computers.
Ukraine’s national CERT uses remote access tools to help users combat and manage cyber incidents. These interventions are done only through pre-approved communication channels. A connection requests out of the blue should, therefore, raise potential targets’ suspicions.
The team is unsure if the targets are government workers, company employees, or private individuals. They advise anyone receiving such connection requests to report them to relevant cyber protection units or CERT-UA.
OWASP Reveils Top 10 Smart Contract Vulnerabilities for 2025
