State Cybersecurity Center warns of phishing surge from compromised government accounts

Cybersecurity officials in Uzbekistan have detected a series of breaches targeting the corporate email infrastructure of several government agencies and higher education institutions. The State Unitary Enterprise Cybersecurity Center reported that malicious actors successfully compromised employee email accounts to expand their operations.

According to technical analysts at the Uzbekistan Computer Emergency Response Team (UZCERT), the compromised corporate accounts are actively being weaponized to distribute malicious files and phishing links to various public and private organizations nationwide. To maximize the likelihood of a breach, the attackers are carefully designing these messages to mimic legitimate, everyday official correspondence, misleading unsuspecting recipients into downloading attachments or clicking unsafe links.

A preliminary technical assessment indicates that the initial account compromises stemmed directly from employees registering their corporate email addresses on untrusted, third-party internet platforms. This practice, combined with a general failure to observe basic cyberhygiene protocols, created accessible entry points for the hackers. In several documented instances, the perpetrators used a single breached account to distribute malicious payloads to more than 50 separate external organizations.

In light of the ongoing threat, UZCERT has instructed all public sector entities and their personnel to strictly enforce information security protocols. Employees are advised to avoid opening unsolicited attachments, verify the sender of any suspicious inbound mail, and immediately implement multi-factor authentication across all active corporate accounts.

The current wave of phishing operations follows a notable cybersecurity incident in February of this year involving the domestic telecommunications operator MobiUz. During that breach, unauthorized actors managed to penetrate an isolated test server used by the company.

However, because the server was not integrated into core operational architecture, the company's continuous security monitoring swiftly contained the intrusion. MobiUz subsequently confirmed that subscriber services were unaffected and that the personal and financial data of its customer base remained fully secure within an insulated storage environment.

Prepared by Дониёр Тухсинов