Post by ck4829 on Oct 23, 2017 10:04:49 GMT
Russia's Election Hackers Use D.C. Cyber Warfare Conference as Bait
The Russian military hackers behind last year’s election meddling are using an upcoming cyber warfare conference in Washington D.C. as a lure to infect a new crop of victims with malware, security researchers said Sunday, effectively turning a high-level gathering packed with NATO and U.S. military cyber defenders into an opportunity for more attacks.
The new campaign by the hackers known as Fancy Bear and APT28 began in early October, when the hackers began spamming out a flier for next month’s International Conference on Cyber Conflict, or CyCon U.S. Hosted by the U.S. Army and a NATO cyber defense institute, the gathering features speakers like former NSA chief Keith Alexander, Gen. Paul Nakasone, who leads the U.S. Army Cyber Command, and Senator Martin Heinrich, a prominent Kremlin critic on the Senate Intelligence Committee’s investigation into Russian election meddling.
The Russian hackers’ flier for the event is a Microsoft Word document named “Conference_on_Cyber_Conflict.doc”. It contains the logos of the conference organizers and a sponsor, and text copied from the conference website touting the 2017 theme, “The Future of Cyber Conflict.” But Russia isn’t distributing the document to boost attendance. Buried inside is a malicious macro that downloads and installs malware called Seduploader, a Fancy Bear reconnaissance program that lets the hackers take screenshots and gather basic system information to decide if the victim is worth spying on long-term.
Beyond the simple irony of using a U.S. and NATO cyber security confab as bait for a hack attack, the campaign suggests that Fancy Bear is specifically interested in spying on efforts to thwart its hacking of Western targets.
Read more: www.thedailybeast.com/russias-election-hackers-use-dc-cyber-warfare-conference-as-bait?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+thedailybeast%2Farticles+%28The+Daily+Beast+-+Latest+Articles%29
The Russian military hackers behind last year’s election meddling are using an upcoming cyber warfare conference in Washington D.C. as a lure to infect a new crop of victims with malware, security researchers said Sunday, effectively turning a high-level gathering packed with NATO and U.S. military cyber defenders into an opportunity for more attacks.
The new campaign by the hackers known as Fancy Bear and APT28 began in early October, when the hackers began spamming out a flier for next month’s International Conference on Cyber Conflict, or CyCon U.S. Hosted by the U.S. Army and a NATO cyber defense institute, the gathering features speakers like former NSA chief Keith Alexander, Gen. Paul Nakasone, who leads the U.S. Army Cyber Command, and Senator Martin Heinrich, a prominent Kremlin critic on the Senate Intelligence Committee’s investigation into Russian election meddling.
The Russian hackers’ flier for the event is a Microsoft Word document named “Conference_on_Cyber_Conflict.doc”. It contains the logos of the conference organizers and a sponsor, and text copied from the conference website touting the 2017 theme, “The Future of Cyber Conflict.” But Russia isn’t distributing the document to boost attendance. Buried inside is a malicious macro that downloads and installs malware called Seduploader, a Fancy Bear reconnaissance program that lets the hackers take screenshots and gather basic system information to decide if the victim is worth spying on long-term.
Beyond the simple irony of using a U.S. and NATO cyber security confab as bait for a hack attack, the campaign suggests that Fancy Bear is specifically interested in spying on efforts to thwart its hacking of Western targets.
Read more: www.thedailybeast.com/russias-election-hackers-use-dc-cyber-warfare-conference-as-bait?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed%3A+thedailybeast%2Farticles+%28The+Daily+Beast+-+Latest+Articles%29