
Russian hackers and APT groups are escalating cyberattacks, leveraging readily available malware and broadening their targets beyond governments. Flashpoint researchers reveal these evolving tactics and how to protect your organization.

Earlier this week, reports surfaced indicating that state-sponsored groups in Iran are collaborating for large-scale attacks, and similar activities are occurring in Russia. As the Ukraine-Russian War continues, Russian Advanced Persistent Threat (APT) groups are adapting their TTPs and malware, with many sharing delivery techniques and using paid tools instead of custom payloads, researchers at Flashpoint revealed in their latest report.



The researchers found that the groups' Tactics, Techniques, and Procedures (TTPs) in recent spear-phishing campaigns are growing more sophisticated at a dangerously fast pace, and that the groups prefer malware readily available on illegal online marketplaces, making them harder to detect. While traditionally targeting government and political entities, these groups are now setting their sights on a wider range of victims. The motivations behind these attacks can vary, from espionage and intelligence gathering to financial gain.

Flashpoint analysts reviewed campaigns by several Russian APT groups in 2024, including APT28, APT29, Gamaredon, Gossamer Bear, UAC-0050, and UAC-0149. Here’s a brief overview of their activities. APT28 impersonates government organizations in many c.
