
FireEye uncovered a Russian cyber espionage campaign - APT28

Security firm FireEye has recently published a new report that uncovers a large-scale cyber espionage campaign that originated from the Russian government.

In the report, FireEye reveals that a group of Russian hackers, dubbed APT28, is behind long-running cyber espionage campaigns that targeted US defense contractors, European security organizations and Eastern European government entities.

Researchers from FireEye collected various evidence against APT28 that verifies the hacker group has a link with the Russian government. FireEye says:
“APT28 appeared to target individuals affiliated with European security organizations and global multilateral institutions. The Russian government has long cited European security organizations like NATO and the OSCE as existential threats, particularly during periods of increased tension in Europe,”
In the report, the security firm noted that APT28 has targeted attendees of European defense exhibitions, including EuroNaval 2014, EUROSATORY 2014, the Counter Terror Expo and the Farnborough Airshow 2014. Beyond this, the group has also targeted governments, militaries, and security organizations.

Since 2007, APT28 has systematically evolved its malware, using flexible and lasting platforms indicative of plans for long-term use. The coding practices evident in the group’s malware suggest both a high level of skill and an interest in complicating reverse engineering efforts - FireEye noted.

FireEye researchers analyzed several files and malware samples used by the hacker team and found that they were in the Russian language. Malware compile times suggest that APT28 developers have consistently updated their tools over the last seven years.
APT28 uses spearphishing emails to target its victims, a common tactic in which the threat group crafts its emails to mention specific topics (lures) relevant to recipients. This increases the likelihood that recipients will believe that the email is legitimate and will be interested in opening the message, opening any attached files, or clicking on a link in the body of the email - FireEye's report says.
Apart from this, the hackers have also used Sofacy in the cyber espionage campaign dubbed “Operation Pawn Storm”, recently uncovered by TrendMicro, which targeted military, government and media organizations worldwide.

FireEye has revealed much more information. You can get the detailed report file of the FireEye research here. It is a PDF file that contains all the details.