Latest in Gear

Image credit:

Russian hackers are hijacking computers at embassies (updated)

It doesn't appear to be a state-backed campaign.
Jon Fingas, @jonfingas
April 22, 2019
Share
Tweet
Share

Sponsored Links

John Greim/LightRocket via Getty Images

Russian hackers have apparently launched cyberattacks against embassies, although it might not be the kind of campaign you're expecting. Check Point Research reports that the attackers have attempted to compromise PCs at embassies for countries like Italy, Bermuda and Kenya by tricking officials into loading malware. Most often, they emailed Excel spreadsheets with malicious macros that would hijack a computer using the popular remote access app TeamViewer.

The attackers don't seem to be state-backed, though. They've also attacked government officials at "several" revenue authorities, and Check Point noted that there have been similar campaigns that targeted Russian speakers. At least one of the culprits, nicknamed EvaPiks, has been linked to a hacking forum where card theft was a subject of discussion. The intruders may be "financially motivated" based on this evidence, Check Point said.

As it is, the group is occasionally sloppy. While it planned the campaign and created false documents specific to each target, some parts of the campaign have left the attacker's personal info exposed. If this is a state attack, it wasn't a particularly good one. Not that this is much comfort to victims -- they've had potentially sensitive data exposed to crooks who intend to abuse it.

Update 4/25 1:10PM ET: The initially sourced account of what happened was inaccurate. Check Point tells Engadget that the attackers didn't hit US embassies -- instead, they used the US State Department as a decoy to attack others' embassies. We've updated the article accordingly.

All products recommended by Engadget are selected by our editorial team, independent of our parent company. Some of our stories include affiliate links. If you buy something through one of these links, we may earn an affiliate commission.
Comment
Comments
Share
Tweet
Share

Popular on Engadget

Netflix delivers 'studio-quality' sound upgrade for Android viewers

Netflix delivers 'studio-quality' sound upgrade for Android viewers

View
Apple warns against putting an iPhone 12 too close to your pacemaker

Apple warns against putting an iPhone 12 too close to your pacemaker

View
Sony may resurrect the Xperia Compact line for small phone fans

Sony may resurrect the Xperia Compact line for small phone fans

View
Facebook inexplicably logs out iPhone users

Facebook inexplicably logs out iPhone users

View
Google mobile search redesign focuses on results, not frills

Google mobile search redesign focuses on results, not frills

View

From around the web

Page 1Page 1ear iconeye iconFill 23text filevr