Electronic SecurityNews

Researchers Find Russia-Backed APT28 Spying on Middle East Defense Corporations

Researchers from a cybersecurity agency revealed the details of the Russian state-supported hacking outfit known as APT28 or Fancy Bear, which has been scanning vulnerable email servers for over a year.

Researchers Find Russia-Backed APT28 Spying on Middle East Defense Corporations

Security researchers discovered that the Russian hacking staff was targeting defense companies with Middle Eastern outposts since May 2019.

38% of the hacks focused defense corporations, banking, construction, and government bodies.

The list of victims further included a couple of non-public schools in France and the U.K. and even a kindergarten in Germany.

The Fancy Bear crew used credential-phishing techniques to additionally target and hack the email accounts for a higher strike rate.

Researchers discovered that the threat group was port-scanning mail servers similar to Microsoft Exchange via TCP ports 443 and 1433. They’d expect to find a weak system to use and explore hack surfaces to help their ongoing campaign.

APT28’s spam-sending tactics contained the use of VPNs to hide their traces. “Pawn Storm regularly makes use of the OpenVPN option of commercial VPN service suppliers to connect to a dedicated host that sends out spam.

The dedicated spam-sending servers used explicit domain names in the EHLO command of the SMTP sessions with the targets’ mail servers.

Recently, Western governments publicly blamed the APT28 group for its attack campaigns against Georgia, a former Soviet republic, in recent times.


Carlton Peterson

Carlton is the contributing author of electronic security. His field of communication is fascinating since he writes about that side of the industry which is costly, less used but more inclined upon by developed countries. Electronic securities have been seeing an upward graph nowadays, but the current scenario still needs to be changed. Carlton’s articles reflect the real happening wrapped up in formally written words.

Related Articles

Leave a Reply

Your email address will not be published. Required fields are marked *