Displaying items by tag: APT28

Them pesky Russians are up to no good again, trying to hack their way in to steal research about COVID-19 vaccines. The attack appears to have been carried out by a fat man who couldn't be bothered to even hide his IP address, so sophisticated was his approach.

Chinese attackers have been targeting an engineering company based in Britain re-using tactics, techniques and procedures from the Russian threat groups Dragonfly and APT28, the threat intelligence firm Recorded Future claims.

A Russian-speaking online threat actor, known as Sofacy, has been observed to be shifting its attention to the Far East, and showing interest in military, defence and diplomatic organisations, the security firm Kaspersky Lab claims.

ANALYSIS The current reds-under-the-beds scare in the US is increasingly being sold by the media, with unproven claims often being paraded as fact. A prime case of this was seen recently when the Associated Press claimed that the group that had allegedly targeted Hillary Clinton last year had also been hacking many other foes of the Russian state.

Security companies in the US tend to see a Russian hand in everything these days. The latest firm to come up with a Russian bogeyman is FireEye, which issued a report last week, claiming with "moderate confidence" that a campaign against the hospitality sector was being run by APT28, a group that FireEye claims is sponsored by the Russian Government.

A malicious payload that can attack machines running either the older OS X or the newer macOS appears to be aimed at select targets and only for the purpose of cyber espionage, a senior security researcher says.