Hackers working for Russian military intelligence have long relied on zero-days and malware to target their victims, but in the last year they’ve kept it simple — using previously hacked email accounts to send a wide array of phishing attempts, according to new research from security firm Trend Micro. Since at least May of last year, the group known as Fancy Bear, APT28, or Pawn Storm, has used hacked email accounts belonging to high-profile personnel working at defense firms in the Middle East to carry out the operation, according to Feike Hacquebord, a senior threat researcher at Trend Micro. “The actor connects to a dedicated server using the OpenVPN option of a commercial VPN provider and then uses compromised email credentials to send out credential spam via a commercial email service provider,” Hacquebord writes in the research. The group, which the U.S. Department of Justice linked with Russia’s Main Intelligence Directorate […]
The post Russian hackers using stolen corporate email accounts to mask their phishing attempts appeared first on CyberScoop.
Continue reading Russian hackers using stolen corporate email accounts to mask their phishing attempts→