US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets
For two years, Russian military hackers have been bombarding hundreds of targets worldwide with passwords to gain access to their networks, making use of a popular open-source tool for managing application workloads, U.S. and U.K. agencies warned in an advisory Thursday. The Russian agency deploys a Kubernetes cluster — a set of worker machines — to conduct their brute force “password spray” attacks that guess commonly-used passwords to get into target networks, according to the advisory from the National Security Agency, the Department of Homeland Security’s Cybersecurity and Infrastructure Security Agency, the FBI and the U.K.’s National Cyber Security Centre. It’s the alleged handiwork of Russia’s General Staff Main Intelligence Directorate (GRU) 85th Main Special Service Center, military unit 26165. The hackers, often described as Fancy Bear or APT28, have beeen blamed for a number of high profile intrustions, most prominently for interference in the 2016 U.S. presidential election. The […]
The post US, UK accuse Russian military hackers of battering-ram password attacks against hundreds of targets appeared first on CyberScoop.