Russian govt impersonators target telcos in phishing attacks

Cybersecurity researchers at IBM Security X-Force have identified a phishing email campaign by Hive0117, likely a financially motivated cybercriminal group, starting in February 2022, designed to spread the fileless malware variant called DarkWatchman. The campaign masquerades as official communications of the Federal Service of Judicial Officers of the Russian Government, e-mails in Russian are addressed to users in Lithuania, Estonia and Russia in the telecommunications, electronics and industrial sectors. The activity predates the Russian invasion of Ukraine and does not appear to be associated with it.

Read more about it: here