APT28 Archives - Securezoo

NSA and FBI: watch out for Russian malware Drovorub

Cybersecurity Attacks / By Frank Crast / August 14, 2020 / APT28, C2, Drovorub, Fancy Bear, FBI, GTsSS, Linux, malware, NSA, rootkit, Russia, STRONTIUM

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity alert for a new Russian malware dubbed Drovorub.

First UEFI rootkit LoJax discovered in the wild

Cybersecurity Attacks, Malware / By Frank Crast / September 27, 2018 / APT28, Balkans, BIOS, EUFI, Fancy Bear, firmware, LoJax, malware, rootkit, Secure Boot, Sofacy, STRONTIUM

The first ever UEFI rootkit has been detected in the wild. As discovered by ESET security researchers, the Sednit APT group was behind the latest campaign that successfully installed a malicious UEFI rootkit dubbed LoJax on a victim system.

Sofacy hacking group attacks German government network

Cybercrime, Cybersecurity Attacks / By Frank Crast / March 1, 2018 / APT, APT28, Cyberattack, Cybercrime, Cyberesionage, Fancy Bear, Germany, Pawn Storm, Sofacy

The Sofacy group (aka APT28, Fancy Bear, and Pawn Storm) have allegedly attacked and breached German government’s secure computer network. Many security experts believe the cyberespionage group has ties back to the Russian government.

APT28 Group DDE attacks with Seduploader

Cybercrime, Cybersecurity Attacks, Malware / By Frank Crast / November 7, 2017 / APT28, DDE, PowerSHell, Seduploader

McAfee Advanced Threat Research analysts have spotted new malicious techniques used by the APT28 threat group.

APT28 hackers target travelers in hotels in Europe, Middle East

Leave a Comment / Cybersecurity Attacks, Network Security, Password Management, Vulnerabilities & Exploits / By Frank Crast / August 11, 2017 / APT28, EternalBlue, GAMEFISH, hacking, Russia, WannaCry, WiFi

Hackers allegedly linked to Russian actor APT28 may be linked to a campaign targeting travelers in hotels in Europe and the Middle East, with activity dating back to July 2017.