Stories
Slash Boxes
Comments

SoylentNews is people

Russian Hackers are Targeting European Embassies, According to New Report

posted by Fnord666 on Wednesday April 24 2019, @08:39PM   Printer-friendly
from the not-sure-what-their-aim-is dept.

upstart writes:

Submitted via IRC for SoyCow1984

Russian hackers are targeting European embassies, according to new report

Russian hackers recently attacked a number of embassies in Europe by emailing malicious attachments disguised as official State Department documents to officials, according to a new report from Check Point Research.

The hackers targeted European embassies in Nepal, Guyana, Kenya, Italy, Liberia, Bermuda, and Lebanon, among others. They typically emailed the officials Microsoft Excel sheets with malicious macros that appeared to have originated from the United States State Department. Once opened, the hackers were able to gain full control of the infected computer by weaponizing installed software called TeamViewer, a popular remote access service.

"It is hard to tell if there are geopolitical motives behind this campaign by looking solely at the list of countries it was targeting," the press release says, "since it was not after a specific region and the victims came from different places in the world."

Government finance officials were also subject to these attacks, and Check Point notes that these victims were of particular interest to the hackers. "They all appear to be handpicked government officials from several revenue authorities," the press release says.

[...] While Russian in origin, it's unlikely that these attacks were state-sponsored. One perpetrator was traced back [to] a hacking and carding forum and registered under the same username, "EvaPiks," on both. EvaPiks posted instructions for how to carry out this kind of cyberattack on forums and advised other users as well.

[Editor's Comment: "...attacked a number of embassies in Europe" is incorrect, but is quoted as written. With the exception of Italy, the hackers attacked the embassies of European countries which are located outside Europe.]

Original Submission

 
This discussion has been archived. No new comments can be posted.
Russian Hackers are Targeting European Embassies, According to New Report | Log In/Create an Account | Top | 30 comments | Search Discussion
Display Options Threshold/Breakthrough Mark All as Read Mark All as Unread
The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.

  • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @08:57PM (8 children)

    by Anonymous Coward on Wednesday April 24 2019, @08:57PM (#834487)

    From TFS:

    While Russian in origin, it's unlikely that these attacks were state-sponsored. One perpetrator was traced back a hacking and carding forum and registered under the same username, "EvaPiks," on both. EvaPiks posted instructions for how to carry out this kind of cyberattack on forums and advised other users as well.

  • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @09:05PM (7 children)

    by Anonymous Coward on Wednesday April 24 2019, @09:05PM (#834493)

    Is it difficult for someone to post on a "hacking and carding forum" from North Korea (or anywhere else) as misdirection? That does not seem to be evidence that can distinguish between the possibilities.

    • (Score: -1, Troll) by Anonymous Coward on Wednesday April 24 2019, @09:06PM (6 children)

      by Anonymous Coward on Wednesday April 24 2019, @09:06PM (#834494)

      https://en.wikipedia.org/wiki/Occam%27s_razor [wikipedia.org]

      vs.

      https://en.wikipedia.org/wiki/Confirmation_bias [wikipedia.org]

      hmmm.....

      • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @09:11PM (5 children)

        by Anonymous Coward on Wednesday April 24 2019, @09:11PM (#834498)

        Occams razor would tell me the simplest explanation is that hackers would attempt to misdirect others as to the source. It is common sense. Thinking otherwise means you have to explain how they can pull off the attack but otherwise be too dumb to plan ahead by spending 10 seconds making a fake forum post.

        • (Score: -1, Troll) by Anonymous Coward on Wednesday April 24 2019, @09:13PM (3 children)

          by Anonymous Coward on Wednesday April 24 2019, @09:13PM (#834500)

          https://en.wikipedia.org/wiki/Sagan_standard [wikipedia.org]

        • (Score: 1, Insightful) by Anonymous Coward on Wednesday April 24 2019, @09:45PM

          by Anonymous Coward on Wednesday April 24 2019, @09:45PM (#834513)

          spending 10 seconds making a fake forum post

          From TFS:

          While Russian in origin, it's unlikely that these attacks were state-sponsored. One perpetrator was traced back a hacking and carding forum and registered under the same username, "EvaPiks," on both. EvaPiks posted instructions for how to carry out this kind of cyberattack on forums and advised other users as well./quote