Security News > 2022 > June > Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug

Fancy Bear Uses Nuke Threat Lure to Exploit 1-Click Bug
2022-06-23 12:21

Advanced persistent threat group Fancy Bear is behind a phishing campaign that uses the specter of nuclear war to exploit a known one-click Microsoft flaw.

Fancy Bear is also known as APT28, Strontium and Sofacy.

Google's Threat Analysis Group said Fancy Bear already has used this stealer to target users in the Ukraine.

The Computer Emergency Response Team of Ukraine also independently discovered the malicious document used by Fancy Bear in the recent phishing campaign, according to Malwarebytes.

CERT-UA previously identified Fancy Bear as one of the numerous APTs pummeling Ukraine with cyber-attacks in parallel with the invasion by Russian troops that began in late February.

Net stealer previously identified by Google in other Fancy Bear campaigns in the Ukraine.


News URL

https://threatpost.com/fancy-bear-nuke-threat-lure/180056/