Security News > 2020 > March > Russian Hackers Exploited Windows Flaws in Attacks on European Firms
Financially-motivated hackers believed to be operating out of Russia recently targeted companies in Western Europe, and the attacks apparently involved a combination of two Windows vulnerabilities that Microsoft did not expect to be exploited.
According to Singapore-based cybersecurity firm Group-IB, the threat groups tracked as TA505 and Silence - the company previously found links between the two groups - targeted at least two pharmaceutical and manufacturing companies in Belgium and Germany in late January.
The attacks have been attributed to Silence and TA505 based on the used tools, but it's possible that only one of them was involved.
Group-IB researchers uncovered this exploit on the attacker' servers and they believe it was likely deployed in the campaign targeting European companies.
The attacks involved trojanized resumes sent to the human resources department at targeted businesses.
News URL
Related news
- Russian military hackers linked to critical infrastructure attacks (source)
- U.S. Offers $10 Million for Info on Russian Cadet Blizzard Hackers Behind Major Attacks (source)
- Microsoft and DOJ disrupt Russian FSB hackers' attack infrastructure (source)
- Windows driver zero-day exploited by Lazarus hackers to install rootkit (source)
- 0-day in Windows driver exploited by North Korean hackers to deliver rootkit (CVE-2024-38193) (source)
- Hackers use PHP exploit to backdoor Windows systems with new malware (source)
- Russian laundering millions for Lazarus hackers arrested in Argentina (source)
- PEAKLIGHT Downloader Deployed in Attacks Targeting Windows with Malicious Movie Downloads (source)
- Unpatched AVTECH IP Camera Flaw Exploited by Hackers for Botnet Attacks (source)
- Russian APT29 hackers use iOS, Chrome exploits created by spyware vendors (source)