Security News > 2022 > May > Russian hacker group APT29 targeting diplomats
Threat analysts at the cybersecurity firm Mandiant have uncovered a new APT29 cyber attack once again aimed at diplomats and government agencies.
APT29 is a cyber espionage group widely believed to be sponsored by the Russian Foreign Intelligence Service, the SVR. APT29 is also publicly referred to as Nobelium by Microsoft, Mandiant said.
APT29 is the group responsible for the 2021 SolarWinds supply chain attack.
While Mandiant has been tracking APT29 phishing activities aimed at diplomats around the globe since early 2020, this year's attackers are using two new malware families, BEATDROP, BEACON and BOOMMIC to carry out attacks.
To trick victims into downloading malware-laden files, APT29 sent spear-phishing emails disguised as embassy administrative updates, Manidant said in a blog post about the attacks.
Also See Share: Russian hacker group APT29 targeting diplomats.
News URL
https://www.techrepublic.com/article/russian-hacker-group-apt29-targeting-diplomats/
Related news
- How Russian hackers went after NGOs’ WhatsApp accounts (source)
- EU sanctions Russian GRU hackers for cyberattacks against Estonia (source)
- Russian military hackers deploy malicious Windows activators in Ukraine (source)
- Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts (source)