The activities of the APT29 (Midnight Blizzard) hacker group, which hacked websites and redirected users to fake pages, in the interests of Russian intelligence, have been neutralized. This is reported by UNN with reference to the Center for Countering Disinformation.
Details
Amazon cyber specialists thwarted the operation of the APT29 hacker group. The attackers from the group, also known as Midnight Blizzard (which, as stated, operates under the auspices of Russian foreign intelligence) - have been exposed, and their activities have apparently been stopped.
What the exposed individuals did
The hackers hacked legitimate websites and embedded code that redirected some visitors to fake pages that mimicked the Cloudflare service. There, users were tricked into "authorizing" the attackers' devices. As a result, the criminals gained access to mail and files in cloud services.
The CPD emphasized that this is not a one-time hack. This is a systemic work of Russian intelligence.
The agency explained that Russia's goal is to collect information about US government structures, media, universities, and public organizations.
To hack computers directly, they force victims to independently confirm access — through legal Microsoft and Google mechanisms
"Such actions are a tool of espionage that the Kremlin uses to pressure Western states. Such attacks should be considered as an element of hybrid interference in the internal processes of the US and its allies, and not as ordinary cybercrime," adds the body that constantly monitors information messages.
Recall
For many years, Russian government hackers had access to the US court records storage system, stealing classified documents.
Bloomberg in mid-August reported, citing its own sources, that the attackers were able to steal confidential documents that were hidden from the public, according to the order of US judges.