< Back
cyberthreat news
07 December 2023

Russian hackers compromise embassy emails to target governments

Security analysts have uncovered a recent phishing campaign from Russian hackers known as APT29 (Cozy Bear or Nobelium) targeting diplomats and government entities. The APT29 is a state-sponsored actor that focuses on cyberespionage and has been active since at least 2014. Its targeting scope is determined by current Russian geopolitical strategic interests. The messages pretend to carry important policy updates and originate from legitimate email addresses belonging to embassies. Another notable aspect in this campaign is the abuse of Atlassian Trello, and other legitimate cloud service platforms, for command and control (C2) communication.

 

Read more about it: here