CyberNews Briefs

Russian hacker group APT29 targeting diplomats

The group behind the SolarWinds supply chain attack, APT29, is targeting diplomats with phishing campaigns designed to deploy malware. Security researchers at Mandiant discovered the attack. APT29 is a cyber espionage group believed to be sponsored by the Russian Foreign Intelligence Service, the SVR. APT29 is also referred to as Nobelium by cybersecurity researchers. The group has been conducting the phishing campaign around the globe since early 2020.

However, 2022’s attacks have seen two new malware families in use, including BEATDROP, BEACON, and BOOMMIC. The threat actor also leverages Atlassian’s Trello project management tool for command and control purposes, storing stolen information related to victims and retrieving payloads. Cybersecurity researchers state that it is important to understand that the individuals and government organizations being targeted are likely chosen due to information the Russian intelligence services already have.


OODA Analyst


OODA is comprised of a unique team of international experts capable of providing advanced intelligence and analysis, strategy and planning support, risk and threat management, training, decision support, crisis response, and security services to global corporations and governments.