article thumbnail

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU , the foreign military intelligence agency of the Russian Federation. “In order to ESCAPE the law, you need to KNOW the law. This is the most important thing. ” Mr. .

Military 252
article thumbnail

EU Council sanctions two Russian military intelligence officers over 2015 Bundestag hack

Security Affairs

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The 85th Main Centre for Special Services (GTsSS) is the military unit of the Russian government also tracked as APT28 (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ).

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

The APT28 group (aka Forest Blizzard , Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military 107
article thumbnail

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

Experts uncovered a new cyber-espionage campaign, dubbed “ Operation In(ter)receptio n,” aimed at aerospace and military organizations in Europe and the Middle East. The post Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East appeared first on Security Affairs.

article thumbnail

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

Over the past 20 months, the group targeted at least 30 organizations within 14 nations that are probably of strategic intelligence significance to the Russian government and its military. The group operates out of military unity 26165 of the Russian General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center (GTsSS).

Military 102
article thumbnail

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

Emerging in 2007 as a banking trojan, QakBot (a.k.a. In April 2022, the DOJ quietly removed malware from computers around the world infected by the “Snake” malware , an even older malware family that has been tied to the GRU, an intelligence arm of the Russian military. ” The DOJ said it also recovered more than 6.5

article thumbnail

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.