Hackers have a relationship with Russia and often Russian military intelligence targets hotels in Europe
A group of hackers suspected of having links to Russian military intelligence may have been behind the crackdown on hotel guests in eight European countries, most of which last month were called APT 28, which sought to steal words, FireEye security and security researchers said on Friday. Traffic from Western governments and business travelers using WiFi networks for hotels to infect their regulatory networks in their home countries.
The wave of attacks in the first week of July was aimed at travelers staying in several hotel chains in at least seven countries, mostly in Europe and one in the Middle East. The report is the latest report that Russia is involved in the crackdowns Scale campaign targeting governments, businesses and election campaigns, including a failed attempt to break through last year for US presidential candidate Hillary Clinton.
Many governments and security companies have linked APT 28 to the Russian military intelligence service (GRU). Other investigators have followed the same pattern of attacks, but have not linked APT 28 to the Russian state. Moscow strongly denies the charges.
"The technical work and the remote command line used in the attacks clearly point to the APT 28 group, which has expanded its activities since 2014, and we are moderately confident of our assessment because the technical investigation is still in progress," said Benjamin Reid, director of cyber espionage analysis at FireEye. First days ".
Recent attempts were thwarted and thwarted in the initial infiltration phase, but similar methods were used in the fall of 2016 in European hotels. The group was able to penetrate a government employee's computer in the United States. The security company showed the use of phishing e-mails to deceive the hotel staff and urged him to download A document with malicious GAMEFISH software in the July attacks.
The security company said it had not detected any theft of authorization cards, but there were many target hotel chains, and it did not know the full extent of the spread of the operation. The July attacks used part of the recently leaked malware, known as EternalBlue, It was stolen from the US National Security Agency, giving hackers a very sophisticated way to move silently into organizations' networks once infected by a single device.
The wave of attacks in the first week of July was aimed at travelers staying in several hotel chains in at least seven countries, mostly in Europe and one in the Middle East. The report is the latest report that Russia is involved in the crackdowns Scale campaign targeting governments, businesses and election campaigns, including a failed attempt to break through last year for US presidential candidate Hillary Clinton.
Many governments and security companies have linked APT 28 to the Russian military intelligence service (GRU). Other investigators have followed the same pattern of attacks, but have not linked APT 28 to the Russian state. Moscow strongly denies the charges.
"The technical work and the remote command line used in the attacks clearly point to the APT 28 group, which has expanded its activities since 2014, and we are moderately confident of our assessment because the technical investigation is still in progress," said Benjamin Reid, director of cyber espionage analysis at FireEye. First days ".
Recent attempts were thwarted and thwarted in the initial infiltration phase, but similar methods were used in the fall of 2016 in European hotels. The group was able to penetrate a government employee's computer in the United States. The security company showed the use of phishing e-mails to deceive the hotel staff and urged him to download A document with malicious GAMEFISH software in the July attacks.
The security company said it had not detected any theft of authorization cards, but there were many target hotel chains, and it did not know the full extent of the spread of the operation. The July attacks used part of the recently leaked malware, known as EternalBlue, It was stolen from the US National Security Agency, giving hackers a very sophisticated way to move silently into organizations' networks once infected by a single device.
the source
https://aitnews.com/2017/08/11/%D9%8...4%D9%81%D9%86
Comments
Post a Comment