Fancy Bear Archives

Russian threat actors use new ComRAT and Zebrocy malware in recent attacks

Cybersecurity Attacks, Malware / By Frank Crast / November 2, 2020 / CNMF, ComRAT, DHS, Fancy Bear, FBI, Pawn Storm, Sofacy, STRONTIUM, Zebrocy

U.S. government cybersecurity experts warned that “sophisticated threat actors” have been using new Russian malware variants, ComRAT and Zebrocy, in recent cyberattacks.

NSA and FBI: watch out for Russian malware Drovorub

Cybersecurity Attacks / By Frank Crast / August 14, 2020 / APT28, C2, Drovorub, Fancy Bear, FBI, GTsSS, Linux, malware, NSA, rootkit, Russia, STRONTIUM

The National Security Agency (NSA) and the Federal Bureau of Investigation (FBI) have released a joint cybersecurity alert for a new Russian malware dubbed Drovorub.

First UEFI rootkit LoJax discovered in the wild

Cybersecurity Attacks, Malware / By Frank Crast / September 27, 2018 / APT28, Balkans, BIOS, EUFI, Fancy Bear, firmware, LoJax, malware, rootkit, Secure Boot, Sofacy, STRONTIUM

The first ever UEFI rootkit has been detected in the wild. As discovered by ESET security researchers, the Sednit APT group was behind the latest campaign that successfully installed a malicious UEFI rootkit dubbed LoJax on a victim system.

Sofacy hacking group attacks German government network

Cybercrime, Cybersecurity Attacks / By Frank Crast / March 1, 2018 / APT, APT28, Cyberattack, Cybercrime, Cyberesionage, Fancy Bear, Germany, Pawn Storm, Sofacy

The Sofacy group (aka APT28, Fancy Bear, and Pawn Storm) have allegedly attacked and breached German government’s secure computer network. Many security experts believe the cyberespionage group has ties back to the Russian government.