President Joe Biden's urging of Vladimir Putin to crack down on cyberattacks coming from within Russian borders doesn't seem to have convinced the Kremlin to give them up just yet. RiskIQ said in a report Friday that it uncovered active hacking infrastructure that Western governments attributed last summer to APT29, or Cozy Bear, a group linked to Russia's SVR intelligence agency, which used it at the time to try to steal Covid-19 research. The malware, known as WellMess or WellMail, warranted government alerts in July of 2020 from the U.S., U.K. and Canada. In April, the FBI urged organizations to patch five known vulnerabilities that U.S. officials said were the subject of exploitation by the SVR. RiskIQ identified three dozen command and control servers serving WellMess that the company said were under APT29 control. It focused on the infrastructure after a U.S.-Russia summit where cyberattacks came up. “The activity uncovered was notable given the […]
The post Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings appeared first on CyberScoop.