Russian Hackers Target Europe with HeadLace Malware and Credential Harvesting

May 31, 2024 at 06:57AM

APT28, a Russian GRU-backed threat actor, has conducted cyber attacks across Europe using the HeadLace malware and credential-harvesting web pages. Operating with stealth and sophistication, they utilized legitimate internet services to conceal their operations. Their main targets included entities with military significance and services like Yahoo! and UKR[.]net. Key takeaways …

Russian APT28 Hackers Targeting 13 Nations in Ongoing Cyber Espionage Campaign

December 12, 2023 at 10:18AM

Russian threat actor APT28, also known as ITG05, is using the Israel-Hamas war as a lure to distribute a custom backdoor called HeadLace. The campaign targets at least 13 nations and uses authentic documents to deliver the malware. The attacks exploit security flaws in WinRAR and Microsoft Outlook, focusing on …