Latest APT29 news

Autodesk reveals it was targeted by Russian SolarWinds hackers

Autodesk has confirmed that it was also targeted by the Russian state hackers behind the large-scale SolarWinds Orion supply-chain attack, almost nine months after discovering that one of its servers was backdoored with Sunburst malware.
- Sergiu Gatlan
- September 02, 2021
- 07:30 AM
- 0
Russian hackers had months-long access to Denmark's central bank

Russian state hackers compromised Denmark's central bank (Danmarks Nationalbank) and planted malware that gave them access to the network for more than half a year without being detected.
- Ionut Ilascu
- June 29, 2021
- 01:48 PM
- 4
Nobelium hackers accessed Microsoft customer support tools

Microsoft says they have discovered new attacks conducted by the Russian state-sponsored Nobelium hacking group, including a hacked Microsoft support agent's computer that exposed customer's subscription information.
- Lawrence Abrams
- June 26, 2021
- 12:11 PM
- 0
US seizes domains used by APT29 in recent USAID phishing attacks

The US Department of Justice has seized two Internet domains used in recent phishing attacks impersonating the U.S. Agency for International Development (USAID) to distribute malware and gain access to internal networks.
- Lawrence Abrams
- June 01, 2021
- 04:56 PM
- 1
Microsoft: Russian hackers used 4 new malware in USAID phishing

Microsoft states that a Russian hacking group used four new malware families in recent phishing attacks impersonating the United States Agency for International Development (USAID).
- Lawrence Abrams
- May 29, 2021
- 01:49 PM
- 0
Russian state hackers switch targets after US joint advisories

Russian Foreign Intelligence Service (SVR) operators have switched their attacks to target new vulnerabilities in reaction to US govt advisories published last month with info on SVR tactics, tools, techniques, and capabilities used in ongoing attacks.
- Sergiu Gatlan
- May 07, 2021
- 11:29 AM
- 0
US warns of Russian state hackers still targeting US, foreign orgs

The FBI, the US Department of Homeland Security (DHS), and the Cybersecurity and Infrastructure Security Agency (CISA) warned today of continued attacks coordinated by the Russian-backed APT 29 hacking group against US and foreign organizations.
- Sergiu Gatlan
- April 26, 2021
- 11:16 AM
- 0
US government confirms Russian SVR behind the SolarWinds hack

The United States government is formally accusing the Russian government of the SolarWinds supply-chain attack that gave hackers access to the network of multiple U.S. agencies and private tech sector companies.
- Ionut Ilascu
- April 15, 2021
- 10:54 AM
- 11
US think tank breached three times in a row by SolarWinds hackers

An advanced hacking group believed to be working for the Russian government has compromised the internal network of a think tank in the U.S. three times.
- Ionut Ilascu
- December 17, 2020
- 03:17 PM
- 0
Russian hackers target COVID-19 vaccine research with custom malware

Hackers likely working for Russian intelligence services have been attacking organizations involved in the research and development of a vaccine against the new coronavirus.
- Ionut Ilascu
- July 16, 2020
- 11:04 AM
- 1
Cozy Bear Russian Hackers Spotted After Staying Undetected for Years

Cyber-espionage operations from Cozy Bear, a threat actor believed to work for the Russian government, continued undetected for the past years by using malware families previously unknown to security researchers.
- Ionut Ilascu
- October 17, 2019
- 09:39 AM
- 0
Phishing Attack Allegedly Targeted US DNC After 2018 Midterms

According to documents added to an amended complaint filed on January 17, the Democratic National Committee says that it was allegedly targeted by a Russian intelligence-coordinated phishing attack just a few days after the 2018 midterms.
- Sergiu Gatlan
- January 18, 2019
- 06:00 PM
- 1