

In recent years, almost nothing has been heard about Cozy Bear, apart from a one-time incident in November 2018 related to a phishing campaign aimed at several American organizations. Because of this, information security experts believed that the group may have ceased to exist, but now ESET experts have found that this is far from the truth. Researchers immediately identified three new families of malware created by Cozy Bear: PolyglotDuke, RegDuke and FatDuke, as well as the previously documented MiniDuke backdoor, which has been updated.


These hackers were accused of hacking the National Committee of the Democratic Party of the United States in anticipation of the 2016 elections, as well as of numerous attacks on various governmental departments in Europe and beyond. According to information security experts, this group allegedly works with the Russian FSB (security service) and was also involved in attacks on the US White House postal system, the US Department of Foreign Affairs and the Joint Chiefs of Staff. The Russian-speaking hacker group Cozy Bear (aka APT29 and Dukes) was considered very active from 2014 to 2017, but as ESET experts found out, this cybercriminal group is still active and attacks governmental structures.
