Security News > 2020 > March > Russian Hackers Exploited Windows Flaws in Attacks on European Firms
Financially-motivated hackers believed to be operating out of Russia recently targeted companies in Western Europe, and the attacks apparently involved a combination of two Windows vulnerabilities that Microsoft did not expect to be exploited.
According to Singapore-based cybersecurity firm Group-IB, the threat groups tracked as TA505 and Silence - the company previously found links between the two groups - targeted at least two pharmaceutical and manufacturing companies in Belgium and Germany in late January.
The attacks have been attributed to Silence and TA505 based on the used tools, but it's possible that only one of them was involved.
Group-IB researchers uncovered this exploit on the attacker' servers and they believe it was likely deployed in the campaign targeting European companies.
The attacks involved trojanized resumes sent to the human resources department at targeted businesses.
News URL
Related news
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- Hackers exploit critical Aviatrix Controller RCE flaw in attacks (source)
- Hackers use FastHTTP in new high-speed Microsoft 365 password attacks (source)
- How Russian hackers went after NGOs’ WhatsApp accounts (source)
- Hackers use Windows RID hijacking to create hidden admin account (source)
- EU sanctions Russian GRU hackers for cyberattacks against Estonia (source)
- E.U. Sanctions 3 Russian Nationals for Cyber Attacks Targeting Estonia’s Key Ministries (source)
- UAC-0063 Expands Cyber Attacks to European Embassies Using Stolen Documents (source)
- Google says hackers abuse Gemini AI to empower their attacks (source)
- Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections (source)