American security detection experts detect cyber attacks among Russian Foreign Ministry employees ahead of the New Year holidays. This is reported “Kommersant” with reference to research by American cybersecurity companies Cluster25 and Black Lotus Labs.
Presumably, the diplomats were attacked by the Konni hacker group from Southern Europe. According to Black Lotus Labs, the start of fishing is getting closer. So, some diplomats received archives with documents and received vaccination data, others received links to download a fake “Program for registering vaccinated in the federal register of vaccinated.”
As a result, the account of one employee of the Foreign Ministry was compromised. From this address, the hackers managed to send a fishing letter to Russian Deputy Minister Sergei Ryabkov on December 20.
At the same time, Cluster25 stated that another letter with an infected archive was sent to the Russian Embassy in Indonesia on December 20, the diplomatic mission in Serbia was appointed as the sender.
On January 14, it became known about the defeat of the REvil hacker group by the FSB at the request of the United States. 426 million rubles, 500 thousand euros, 600 thousand US dollars and 20 premium cars were seized from 14 cybercriminal defendants. REvil is suspected of large-scale attacks on critical US installations and a number of large large companies.