CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL malware

CERT-UA reported three cyberattacks in March 2025 targeting Ukrainian agencies and critical infrastructure. The attacks, tracked as UAC-0219, used compromised accounts to send emails with links to VBScript loaders, which download PowerShell scripts that steal sensitive files and take screenshots. The primary tool, WRECKSTEEL, has versions in VBScript and PowerShell.

Edward Kiledjian @ekiledjian