SoylentNews is people

posted by Fnord666 on Wednesday April 24 2019, @08:39PM
from the not-sure-what-their-aim-is dept.

Submitted via IRC for SoyCow1984

Russian hackers are targeting European embassies, according to new report

Russian hackers recently attacked a number of embassies in Europe by emailing malicious attachments disguised as official State Department documents to officials, according to a new report from Check Point Research.

The hackers targeted European embassies in Nepal, Guyana, Kenya, Italy, Liberia, Bermuda, and Lebanon, among others. They typically emailed the officials Microsoft Excel sheets with malicious macros that appeared to have originated from the United States State Department. Once opened, the hackers were able to gain full control of the infected computer by weaponizing installed software called TeamViewer, a popular remote access service.

"It is hard to tell if there are geopolitical motives behind this campaign by looking solely at the list of countries it was targeting," the press release says, "since it was not after a specific region and the victims came from different places in the world."

Government finance officials were also subject to these attacks, and Check Point notes that these victims were of particular interest to the hackers. "They all appear to be handpicked government officials from several revenue authorities," the press release says.

[...] While Russian in origin, it's unlikely that these attacks were state-sponsored. One perpetrator was traced back [to] a hacking and carding forum and registered under the same username, "EvaPiks," on both. EvaPiks posted instructions for how to carry out this kind of cyberattack on forums and advised other users as well.

[Editor's Comment: "...attacked a number of embassies in Europe" is incorrect, but is quoted as written. With the exception of Italy, the hackers attacked the embassies of European countries which are located outside Europe.]


  • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @10:01PM (12 children)

    by Anonymous Coward on Wednesday April 24 2019, @10:01PM (#834522)

    I did look in TFA, there was no link to any evidence at all. Just a claim some forum poster was linked to Russia somehow. Guess what? Real hackers pay Russia forum poster to make that post. The end.

  • (Score: -1, Troll) by Anonymous Coward on Wednesday April 24 2019, @10:01PM (11 children)

    by Anonymous Coward on Wednesday April 24 2019, @10:01PM (#834523)

    So, you just made shit up and then got annoyed when others aren't buying your particular brand of bullshit?

    Which is why you should always use Grady's Special Formula™ Bullshit. Now with even more cowpies!

    • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @10:13PM (10 children)

      by Anonymous Coward on Wednesday April 24 2019, @10:13PM (#834526)

      "Made shit up" == "thought for myself". There isn't even a link to the forum post in question in TFA, you are just supposed to trust the authority figure.

      • (Score: 2, Funny) by realDonaldTrump on Wednesday April 24 2019, @10:34PM (2 children)

        by realDonaldTrump (6614) on Wednesday April 24 2019, @10:34PM (#834541) Homepage Journal

        "THERE IS NO EVIDENCE OR PROOF OF COLLUSION." Judge Ken Starr.

      • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @10:44PM (6 children)

        by Anonymous Coward on Wednesday April 24 2019, @10:44PM (#834544)

        "Made shit up" == "Made shit up"

        There. FTFY.

        This took less than two minutes to find [checkpoint.com]:

        Although in such campaigns it is usually unclear who is behind the attack, in this case we were able to locate a user who appears to be behind the aforementioned activity active in several online forums, or is at least the creator of the tools used in the attack.

        By following the trail from the previous campaigns we were able to find a `CyberForum[.]ru` user that goes by the name “EvaPiks”.

        In multiple instances, the user would suggest, or be advised by other users to use, some of the techniques we witnessed throughout the campaigns.

        There's much more there, but I can't post the screenshots from the report.

        And so we're back to, So, you just made shit up and then got annoyed when others aren't buying your particular brand of bullshit?

        Which is why you should always use Grady's Special Formula™ Bullshit. Now with even more cowpies!

        • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @10:48PM (4 children)

          by Anonymous Coward on Wednesday April 24 2019, @10:48PM (#834547)

          I have no idea what is going on in your mind that could make you think this is convincing either way. So I think you are a North Korean shill.

          • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @11:01PM (3 children)

            by Anonymous Coward on Wednesday April 24 2019, @11:01PM (#834551)

            Follow the link.

            https://research.checkpoint.com/finteam-trojanized-teamviewer-against-government-targets/ [checkpoint.com]

            There's plenty of evidence that negates your "hypothesis" (read: no-brand bullshit).

            But accepting such evidence would be smacking up against your confirmation bias [wikipedia.org].

            As they say, just as you can lead a horse to water, but you can't make him drink; you can lead a fool to knowledge, but you can't make him think.

            More's the pity.

            • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @11:12PM (2 children)

              by Anonymous Coward on Wednesday April 24 2019, @11:12PM (#834553)

              They say exactly what I said in this thread:

              On the other hand, some aspects of this attack were carried out with less caution, and have exposed details that are usually well disguised in similar campaigns, such as the personal information and online history of the perpetrator, as well as the outreach of their malicious activity.

              They acknowledge other possibilities and then handwave it away. This is a signature of western-educated academics.

              • (Score: 0) by Anonymous Coward on Wednesday April 24 2019, @11:14PM

                by Anonymous Coward on Wednesday April 24 2019, @11:14PM (#834554)

                accepting such evidence would be smacking up against your confirmation bias

                you can lead a fool to knowledge, but you can't make him think.

                So, you just made shit up and then got annoyed when others aren't buying your particular brand of bullshit?

                Which is why you should always use Grady's Special Formula™ Bullshit. Now with even more cowpies!

              • (Score: -1, Redundant) by Anonymous Coward on Wednesday April 24 2019, @11:27PM

                by Anonymous Coward on Wednesday April 24 2019, @11:27PM (#834556)

                https://arstechnica.com/information-technology/2019/04/loose-online-lips-sink-hack-targeting-governments-and-embassies/ [arstechnica.com]

                So, you just made shit up and then got annoyed when others aren't buying your particular brand of bullshit?
                Which is why you should always use Grady's Special Formula™ Bullshit. Now with even more cowpies!

                you can lead a fool to knowledge, but you can't make him think.

        • (Score: 0) by Anonymous Coward on Thursday April 25 2019, @07:05AM

          by Anonymous Coward on Thursday April 25 2019, @07:05AM (#834641)