Instead of wine tasting, a hacker attack: hackers from the Russian Federation attacked European diplomats
Kyiv • UNN
The Russian group Cozy Bear sent European diplomats invitations to fake wine tastings on behalf of the European Ministry of Foreign Affairs. The letters contained malware.
A hacker group previously linked to Russian intelligence agencies has been sending European diplomats invitations to fake wine tastings from a European foreign ministry in recent months.
UNN reports this with reference to Politico.
A cybersecurity company has discovered that the well-known hacker group Cozy Bear was trying to trick European diplomats into downloading malicious software.
According to a new study published on Tuesday, a hacker group previously linked to Russian intelligence agencies has been sending European diplomats invitations to fake wine tastings from a European foreign ministry in recent months.
Cybersecurity company Check Point said that a Russian-linked group known as Cozy Bear attacked European diplomatic institutions with emails with subjects such as "Wine Tasting" and "Diplomatic Dinner." The letters contained malicious software that puts victims' security at risk.
It is noted that Cozy Bear is one of the most famous hacker groups in Russia. It is believed to have carried out major hacks, such as the invasion of the US Democratic National Committee on the eve of the 2016 presidential election, as well as the recent large-scale hack of software company SolarWinds, which is described as the largest attack in history.
Western security services previously linked Cozy Bear, also known as APT29 and Midnight Blizzard, to the Russian Foreign Intelligence Service SZR.
The hackers behind the new campaign posed as a "large" European foreign ministry, sending fake invitations to targets, including foreign ministries, as well as embassies of non-EU countries located in Europe.
Instead of trying a rich red or white wine, diplomats who opened email attachments unwittingly downloaded malicious software
Check Point has been tracking the campaign since January. The firm's researcher, Serhiy Shykevych, declined to name the exact foreign ministry that the hackers were imitating, noting only that it was "one of the largest" in the European Union.
Commenting on the choice of wine as bait, Shykevych said: "Someone from the attackers had a good idea."
A cyberattack on the Polish space agency: what is known03.03.25, 11:23 • 25336 views
Shykevych added that Check Point has not determined whether the hacking attempts were successful. The firm said in its study that it found signs that diplomats in the Middle East were also targeted.
Two European diplomats told POLITICO that they regularly receive warnings about phishing attempts, but have not received warnings about this particular campaign. This attack is an updated version of a similar campaign previously detected by Google.