Security News > 2022 > May > Russian hacker group APT29 targeting diplomats
Threat analysts at the cybersecurity firm Mandiant have uncovered a new APT29 cyber attack once again aimed at diplomats and government agencies.
APT29 is a cyber espionage group widely believed to be sponsored by the Russian Foreign Intelligence Service, the SVR. APT29 is also publicly referred to as Nobelium by Microsoft, Mandiant said.
APT29 is the group responsible for the 2021 SolarWinds supply chain attack.
While Mandiant has been tracking APT29 phishing activities aimed at diplomats around the globe since early 2020, this year's attackers are using two new malware families, BEATDROP, BEACON and BOOMMIC to carry out attacks.
To trick victims into downloading malware-laden files, APT29 sent spear-phishing emails disguised as embassy administrative updates, Manidant said in a blog post about the attacks.
Also See Share: Russian hacker group APT29 targeting diplomats.
News URL
https://www.techrepublic.com/article/russian-hacker-group-apt29-targeting-diplomats/
Related news
- Russian Hackers Exploit CVE-2025-26633 via MSC EvilTwin to Deploy SilentPrism and DarkWisp (source)
- Russian hackers attack Western military mission using malicious drive (source)
- Chinese hackers target Russian govt with upgraded RAT malware (source)
- Hackers Abuse Russian Bulletproof Host Proton66 for Global Attacks and Malware Delivery (source)
- Russian Hackers Exploit Microsoft OAuth to Target Ukraine Allies via Signal and WhatsApp (source)
- France ties Russian APT28 hackers to 12 cyberattacks on French orgs (source)
- Russian Hackers Using ClickFix Fake CAPTCHA to Deploy New LOSTKEYS Malware (source)