Security News > 2023 > April > Russian hackers linked to widespread attacks targeting NATO and EU

Russian hackers linked to widespread attacks targeting NATO and EU
2023-04-13 14:27

Poland's Military Counterintelligence Service and its Computer Emergency Response Team have linked APT29 state-sponsored hackers, part of the Russian government's Foreign Intelligence Service, to widespread attacks targeting NATO and European Union countries.

The attackers have targeted diplomatic personnel using spear phishing emails impersonating European countries' embassies with links to malicious websites or attachments designed to deploy malware via ISO, IMG, and ZIP files.

APT29 is the Russian Foreign Intelligence Service hacking division which was also linked to the SolarWinds supply-chain attack that led to the compromise of multiple U.S. federal agencies three years ago.

Unit 42 has also observed the Brute Ratel adversarial attack simulation tool being used in attacks suspected to be linked to the Russian SVR cyber spies.

More recently, Microsoft reported that the APT29 hackers are using new malware capable of hijacking Active Directory Federation Services to log in as anyone in Windows systems.

They've also targeted Microsoft 365 accounts in NATO countries in attempts to access foreign policy information and orchestrated a wave of phishing campaigns targeting governments, embassies, and high-ranking officials across Europe.


News URL

https://www.bleepingcomputer.com/news/security/russian-hackers-linked-to-widespread-attacks-targeting-nato-and-eu/