By Eliza Popova
The ATP29 group (also known as Cozy Bear) is known for their attacks on Western state institutions. These hackers are attributed to attacks against NATO member countries, the European Union and Africa. The Polish diplomat simply wanted to sell his used BMW, and to reduce the risks and avoid the flow of buyers - sent his announcement for the sale of colleagues to various embassies in Kiev. But the desire of a man to place advertising "among his" probably led to a hacker breaking of diplomas.
According to the media, the Hackers of the APT29 group intercepted a letter with the announcement, introduced a harmful code into it and then sent to the foreseeable recipients. The Embassy employee in Kiev, who did not suspect anything, was alert only after calling from colleagues who focused on the low cost of the car began to receive him. The hackers changed the price tag to the lower to attract the victims and make them open the "infected" photo album with the image of BMW.
Cyber -diplomat from APT29 has introduced a harmful code, which is activated as soon as the victim has opened a photo album attached to the letter. Hackers can then get full control over the victim's computer. Cybercrime belongs to the APT29 was determined by the analysis of infected files in the photo album. Unit 42 experts who have cybersecurity have identified a hacking group by methods and tools used when contamination of files.
They explained that each group of hackers has a kind of unique "handwriting" that cannot be hidden, at least as they try. "Diplomatic missions have always been and will be an important purpose of espionage," - said in the UNIT 42 report. "Sixteen months after the Russian invasion of Ukraine, intelligence around Ukraine and diplomatic efforts of the Allies are almost certainly a high priority for Russian special services.
" Unfortunately, none of the 22 embassies, to which the Reuters commented, did not respond - whether the Russian hacker managed to access their diplomat computers, whether the cybersecurity system was able to cope with attacks. But the US State Department representative stated that they knew about this attack and, on the basis of an analysis of the Cybersecurity and Technological Security Department, they concluded that it did not affect the systems or accounts of the department.
English
Українська
USA
Français
Deutsch
Italiano
Polski
Čeština
Español
Slovensku
