• Notorious Russian hackers target government officials with fake d

    From TechnologyDaily@1337:1/100 to All on Mon Mar 25 16:45:06 2024
    Notorious Russian hackers target government officials with fake dinner party invites

    Date:
    Mon, 25 Mar 2024 16:43:05 +0000

    Description:
    APT29 threat actor is impersonating a major German political party as it
    tries to deploy WineLoader.

    FULL STORY ======================================================================

    Russian hackers have been observed impersonating a major German political party in an attempt to infect other political subjects in the country with malware capable of stealing sensitive information, and more.

    Cybersecurity researchers from Mandiant reported detecting a copy of a phishing email sent from a Russian state-sponsored threat actor known as APT29, which has previously been linked with Russia's Foreign Intelligence Service (SVR), and attributed to some of the bigger cyberattacks in recent years, including the disastrous SolarWinds attack from 2020.

    The email impersonates the Christian Democratic Union (CDU), one of Germany's largest political parties whose prominent members include, among others, Angela Merkel, who served as the Chancellor for roughly 16 years, and was widely considered among the most influential politicians globally.

    War effort

    Starting in February 2024, the campaign invites members of other political parties to a dinner party, and comes with a link to an external page. That page drops a ZIP archive of the Rootsaw malware dropper. This dropper, if executed, will deploy a backdoor called WineLoader.

    WineLoader was first discovered in February, BleepingComputer reports, when security researchers from Zscaler found fake invitations to a wine-tasting event.

    While it's safe to assume WineLoader is an infostealer used in cyber-espionage campaigns, it also seems to be much more than that. It's a modular piece of malware that can probably do many more things, depending on each individual campaign's requirements.

    Before targeting German political entities, WineLoader was seen in the Czech Republic, India, Italy, Latvia, and Peru.

    Russia has been at war with Ukraine for more than two years, and most of Western Europe sided with Ukraine, providing assistance in military equipment and other logistics. While not confirmed, it's safe to assume this campaign is also part of the Russian war effort.



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/notorious-russian-hackers-target-government-officials-with-fake-dinner-party-invites


    --- Mystic BBS v1.12 A47 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)