Nate Nelson reports:
Russian state hackers are performing targeted phishing campaigns in at least nine countries spread across four continents. Their emails tout official government business and, if successful, threaten not just sensitive organizational data, but also geopolitical intelligence of strategic importance.
Such a sophisticated, multi-pronged plot could only be wrought by a group as prolific as Fancy Bear (aka APT28, Forest Blizzard, Frozenlake, Sofacy Group, Strontium, UAC-028, and many more aliases still), which IBM X-Force tracks as ITG05 in a new report.
Besides the convincing government-themed lures and three new variants of custom backdoors, the campaign stands out most for the information it targets: Fancy Bear appears to be aiming for highly specific information of use to the Russian government.
Read more at Dark Reading.