March 23, 2024 at 02:33AM
The Russian-linked hacking group APT29 has been identified using the WINELOADER backdoor in cyber attacks on diplomatic entities and German political parties. The malware, distributed through wine-tasting phishing emails, enabled espionage activities, and its use against political parties marks a shift in APT29’s focus. This discovery coincides with the arrest of a German military officer involved in Russian espionage.
The meeting notes detail the use of the WINELOADER backdoor in recent cyber attacks targeting diplomatic entities, with a particular focus on its use by a hacking group with ties to Russia’s Foreign Intelligence Service. The malware was employed in phishing emails that targeted German political parties, indicating a potential shift in operational focus for the group. The malware is also associated with an espionage campaign targeting diplomatic entities in several countries, and its expanded use in targeting political parties reflects the SVR’s interest in gathering information to advance Moscow’s geopolitical interests. Additionally, the notes mention the arrest of a military officer in Germany on espionage charges related to Russian intelligence services, highlighting the broader context of cyber activities and espionage.